The logo for the Daily Beast's Obsessed website. It reads: 'Obsessed: What to Watch, Binge, See, & Skip'
DAILY BEAST
Membership call to action crossword iconCrosswordNewsletters
  • Cheat Sheet
  • Obsessed
  • Politics
  • Crime
  • Entertainment
  • Media
  • Innovation
  • Opinion
  • Reality TV
  • U.S. News
  • Scouted
CHEAT SHEET
    POLITICS
    • Biden World
    • Elections
    • Opinion
    • National Security
    • Congress
    • Pay Dirt
    • The New Abnormal
    • Trumpland
    MEDIA
    • Confider
    • Daytime Talk
    • Late-Night
    • Fox News
    U.S. NEWS
    • Identities
    • Crime
    • Race
    • LGBT
    • Extremism
    • Coronavirus
    WORLD
    • Russia
    • Europe
    • China
    • Middle East
    INNOVATION
    • Science
    TRAVEL
      ENTERTAINMENT
      • TV
      • Movies
      • Music
      • Comedy
      • Sports
      • Sex
      • TDB's Obsessed
      • Awards Shows
      • The Last Laugh
      CULTURE
      • Power Trip
      • Fashion
      • Books
      • Royalist
      TECH
      • Disinformation
      SCOUTED
      • Clothing
      • Technology
      • Beauty
      • Home
      • Pets
      • Kitchen
      • Fitness
      • I'm Looking For
      BEST PICKS
      • Best VPNs
      • Best Gaming PCs
      • Best Air Fryers
      COUPONS
      • Vistaprint Coupons
      • Ulta Coupons
      • Office Depot Coupons
      • Adidas Promo Codes
      • Walmart Promo Codes
      • H&M Coupons
      • Spanx Promo Codes
      • StubHub Promo Codes
      Products
      NewslettersPodcastsCrosswordsSubscription
      FOLLOW US
      GOT A TIP?

      SEARCH

      HOMEPAGE
      Disinformationfranchise orientation badge

      Sneaky Android Malware Tries to Steal Your Uber Login Details

      DANGER AHEAD

      Hackers hunting out Uber accounts are moving beyond just trying a victim’s password, to stealing it directly.

      Joseph Cox

      Joseph Cox

      Updated Jan. 04, 2018 5:08AM EST / Published Jan. 03, 2018 10:55PM EST 

      Photo Illustration by Sarah Rogers/The Daily Beast

      From stolen accounts to Russian-hacker run networks, Uber’s blackmarket trade has steadily become a staple in the digital underground. Now, researchers from cybersecurity firm Symantec have found a piece of malware that tries to steal a target’s Uber password, before covering up its own tracks.

      According to that research, the Android malware causes a fake Uber user interface to repeatedly pop-up on a target’s device, taking up the whole screen, until the user enters their Uber ID and password. As with many other phishing campaigns, as soon as the victim provides their credentials, the malware sends those details off to the hacker’s remote server, Symantec said.

      In an email, Uber spokesperson Melanie Ensign told The Daily Beast “we recommend only downloading apps from trusted sources. However, we want to protect our users even if they make an honest mistake and that’s why we put a collection of security controls and systems in place to help detect and block unauthorized logins even if you accidentally give away your password.”

      Hackers could do a few different things with a stolen set of Uber accounts. They could sell them on the dark web, where customers buy login details and then simply take rides and their victim’s expense. In 2015, scammers were selling thousands of stolen accounts for $1 each, before the marketed became saturated and the price plummeted to just 40 cents per account. Many of these accounts were likely hacked because victims had used the same password on Uber as well as a website that was already breached, meaning scammers could just log into the user’s account.

      Stolen accounts may also come in handy when running other Uber-related scams, such as when hackers trick Uber by posing as both driver and customer with spoofing-technology, or when running their own, illegitimate network of Uber drivers.

      Vikram Thakur, technical director at Symantec, also told The Daily Beast the accounts could be used to compile a fuller picture when stealing identities.

      The malware, however, is distributed not through the ordinary Google Play Store, but third-party application stores, Thakur said.

      “Users are likely in Russian-speaking countries in limited number. We don’t anticipate such an app to be in wide scale distribution,” Thakur added.

      Regardless, in an attempt to operate surreptitiously, after stealing the data, the malware Symantec found then displays a screen from the real Uber app installed on the victim’s phone, showing their current location. This is done by calling a so-called deep link URI, which takes users to particular content within an app, and starts the Ride Request process, the report adds.

      Joseph Cox

      Joseph Cox

      @josephfcoxjosephfranciscox@gmail.com

      Got a tip? Send it to The Daily Beast here.

      READ THIS LIST

      DAILY BEAST
      • Cheat Sheet
      • Politics
      • Entertainment
      • Media
      • World
      • Innovation
      • U.S. News
      • Scouted
      • Travel
      • Subscription
      • Crossword
      • Newsletters
      • Podcasts
      • About
      • Contact
      • Tips
      • Jobs
      • Advertise
      • Help
      • Privacy
      • Code of Ethics & Standards
      • Diversity
      • Terms & Conditions
      • Copyright & Trademark
      • Sitemap
      • Best Picks
      • Coupons
      • Coupons:
      • Dick's Sporting Goods Coupons
      • HP Coupon Codes
      • Chewy Promo Codes
      • Nordstrom Rack Coupons
      • NordVPN Coupons
      • JCPenny Coupons
      • Nordstrom Coupons
      • Samsung Promo Coupons
      • Home Depot Coupons
      • Hotwire Promo Codes
      • eBay Coupons
      • Ashley Furniture Promo Codes
      © 2023 The Daily Beast Company LLC