Uber Website Petition Hacked To Show Lyft Homepage

Uber seems to have taken a step in the right direction of late, with some of the recent news surrounding the rideshare company involving details about company policy, like their stance on drivers in China who engage in or are linked to protests on Chinese Taxi services, stating they would fire any Uber drivers should they be found to be at one of these protests. It may be a small gesture and one which is more of a statement and act which seeks to keep their relations with the Country positive in light of a future renewal to operate legally in the region, but nonetheless it's something which shows Uber takes acting as a proper business more seriously than it may have in the past.

The latest news on Uber though has nothing to do with their company policies, new Driver perks, surge pricing, or them expanding into new territories. No, the latest on Uber surrounds their website which was recently hacked for the sheer purpose of displaying an ad for ride share competitor Lyft. Most would have assumed a site hack for Uber would be including the loss or potential breach of personal customer data, but it seems to have been little more than a stunt, in part to show off a rival company ad.

The main intention behind the hack, which was completed by a security researcher named Austin Epperson, was to show that an online petition being used on the Uber site to gain access of licensed operation on Market Street in San Francisco was susceptible to an exploit, which allowed him to submit a large number of false signatures to their petition, about 90,000 by Epperson's estimates, all by manipulating a little bit of code. Besides displaying the Lyft homepage on the main petition front page, he also manipulated the code to display the petition as if Uber was asking for the rights to turn Market Street into a giant slip and slide. While it seems like no harm may have been done, Epperson's point was that Uber had a huge vulnerability in their online petition which could have allowed hackers with malicious intent access to do far worse things through the site than Epperson's pranks.

Copyright ©2019 Android Headlines. All Rights Reserved
This post may contain affiliate links. See our privacy policy for more information.
You May Like These
More Like This:
About the Author

Justin Diaz

Justin has written for Android Headlines since 2012 and currently adopts a Games Editor role with a specific focus on mobile gaming and game-streaming services. Prior to the move to Android Headlines Justin spent almost eight years working directly within the wireless industry. Contact him at [email protected]