Homepage eVestigator Cyber Forensic IT & Expert Witness Services newsroom
Register as BUSINESS Register as PR AGENCY Register as JOURNALIST

Mysterious Uber charges when you're asleep? Simon Smith, the eVestigator® may know why

Announcement posted by eVestigator Cyber Forensic IT & Expert Witness Services 12 Jan 2017

Simon explains to "A Current Affair" how hacked Uber Accounts sell on the Dark Web for just $4
Simon Smith explains to "A Current Affair" a possible reason why mysterious trips and meals appear on Australian's credit cards made from hacked Uber Accounts

ssu.png

Why do people always say their accounts have been hacked?

"If only Yahoo knew the damage at large they may have caused by not telling people about 1.5 billion accounts being stolen, and waiting so long. The likeliness of people using similar details - and a dictionary style attack being used to generate known Uber accounts is highly probable", Mr. Smith Said.

On his way to the Channel Nine studio he was pondering in the Taxi and decided to do a little test and make his own account. "Secondly, I personally was surprised when I was able to create an account merely with a mobile phone number (without verification) and literally the password, password123", Mr. Smith shook his head whilst in the Taxi.

Mr. Smith later came to learn that Uber's position is that there is no concern with the App that credit cards are stored. "I agree, that's the least of anyone's concern", Mr. Smith said to Channel Nine. He explained that essentially, "the Uber login credentials is the most important part, as it is a trusted source directly to the customers' PayPal, Google Wallet and credit card, a direct key in!".

Mr. Smith has been programming since he was an 11 year old boy, professionally and for industry from 19 and teaching from 22 whilst still in the industry and is rather unique in his skillset. He grew up at the exact right time. He wrote web servers and mail servers as they were becoming widespread and bulletin boards were being phased out in favour of the Internet! He is also a competent enterprise application developer, not just smartphones, but "real" Applications, and has worked for Pharmaceutical, CRM, GEO-IP mapping, API & SDK for programmers and high level devices that came way before the Android and iPhone. He built modern digital dictation systems almost 15 years ago running on Windows CE on handheld devices that ran an entire hospital system in Texas, and also the foot pedal integration with iTunes, Media Player, and other vendors for the transcription and workflow management. He has worked on high level integration tools for programmers and is now an industry expert for the courts and entrepreneur.


Looking at the Uber APK

After the interview, Mr. Smith wanted to take a closer look at this Android Apk. He commented, "Honestly, as an App Developer and Source Code Auditor, the APK of the Android App does not look very secure either".

He did not elaborate further on that point. Maybe that will be something for later? Who knows!


A copy of the "A Current Affair" segment aired on 11/1/2017 is below and Copyright Channel 9.

ev5.png

https://www.youtube.com/watch?v=GspDuvZ5YRQ

To contact Simon Smith as a Cyber Forensic Private Investigator or Expert Witness, please see the direct media contact below or visit http://www.cybersecurity.com.au.

Simon Smith's brief of credentials and experience can be found here