The Mystery of the Stolen Uber Account: Investigating Hacking and Security Breaches
TLDR The hosts of Reply All investigate the theft of their boss's Uber account, exploring theories such as keystroke loggers, Wi-Fi pineapples, and fake phone companies. After a thorough investigation, they discover that the account notifications were going to an inactive email address, raising concerns about the security of personal accounts for those without extensive resources.
Timestamped Summary
00:00
In this episode, the hosts investigate how a Russian person stole their boss's Uber account and receive numerous theories and leads from listeners.
04:11
The hosts tried running a different virus scanner on Alex's dad's tablet but found no viruses, leading them to explore the theory that a keystroke logger may have been installed on a computer Alex used in the past.
08:16
A security researcher named Mick Lawler explains the concept of a Wi-Fi pineapple, a device that can be used to intercept and spy on internet connections, potentially collecting usernames and passwords, and warns that it can be set up anywhere, not just in places like Starbucks.
12:09
The theory is that Alex's phone may have been hacked through a method where a fake phone company pretends to be the local provider and intercepts all text messages and calls, allowing them to potentially bypass two-factor authentication.
16:09
The theory that Alex's phone was hacked through a fake phone company intercepting his text messages and calls is unlikely, and the most plausible explanation is that his Gmail and Uber account were hacked when he logged into Gmail using his dad's infected Surface Pro.
19:42
After doing research, the most likely theory is that Alex's Gmail account was hacked and he never received the emails from Uber about the weird activity in Moscow.
24:10
After searching through Google's admin console, it was discovered that Uber had actually sent the emails to Alex Bloomberg, suggesting that Uber either didn't send them or was not telling the truth.
28:53
After a legitimate forensics investigation, it was discovered that the initial email address associated with Alex Bloomberg's Uber account was his old work email address, which was no longer active, and that the notifications about the account changes were essentially going into the void.
32:49
After a long investigation involving multiple engineers and the entire staff of Reply All, it was discovered what happened to Alex's Uber account, but it raises the question of what people are supposed to do if they don't have the same resources.
Categories:
Technology
Society & Culture