[–] mechboy 5y ago ↗ Uber will never know the severity of this bug until several user accounts got compromised by someone
[–] zealsham 5y ago ↗ I’ll say Uber rejected this due to highly unlikely user interaction required . [–] infosecau 5y ago ↗ There's not really much user interaction required. You just have to engage the victims cell phone when sending the OTP. The voicemail hack doesn't require any user interaction.
[–] infosecau 5y ago ↗ There's not really much user interaction required. You just have to engage the victims cell phone when sending the OTP. The voicemail hack doesn't require any user interaction.
[–] dns 5y ago ↗ I know as shubs, this post interesting and good writeup. thanks! I follow you on twitter!
5 comments
[ 2.8 ms ] story [ 24.9 ms ] thread