Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
Taking over Uber accounts through voicemail
(
assetnote.io
)
15 points
by
infosecau
on July 4, 2021
|
hide
|
past
|
favorite
|
5 comments
dns
on July 6, 2021
|
next
[–]
I know as shubs, this post interesting and good writeup. thanks! I follow you on twitter!
mechboy
on July 4, 2021
|
prev
|
next
[–]
Uber will never know the severity of this bug until several user accounts got compromised by someone
zealsham
on July 4, 2021
|
prev
|
next
[–]
I’ll say Uber rejected this due to highly unlikely user interaction required .
infosecau
on July 5, 2021
|
parent
|
next
[–]
There's not really much user interaction required. You just have to engage the victims cell phone when sending the OTP. The voicemail hack doesn't require any user interaction.
fzionism
on July 4, 2021
|
prev
[–]
Very interesting,
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search: