Loopholes In Uber App For Lifetime Free Rides: Now Fixed
Bengaluru, March 04: How anyone could have used Uber to ride for free! Isn’t it an interesting question?
Now, a Bangalore-based hacker Anand Prakash has the answer.
He finds that, a security loophole in the famous Uber app, which allows anyone to get a lifetime of free rides. Yes, you heard it right — never pay Uber for your rides, ever!
Anand Prakash has disclosed a video that shows us how anyone could have used the loophole within the Uber app to gain free rides for life.
Anand mentions that Uber, the American online transportation company, which has around 528 cities in its credential, has a security deficiency.
When a user creates an account on their website and starts riding, he can riding and pay after the accomplishment of his ride, either by credit or debit card or by cash or a wallet.
But, when he specified an invalid payment method that he cannot pay from, the Uber app permit him to ride for free.
Anand Prakash reveals the bug after taking proper permissions from the Uber team.
He showed the Uber team how he could ride for free with the flaw in India and in the United States, and he wasn’t charged a penny.
Anand Prakash has posted the details on his blog also:
The proof of concept was demonstrated in the video below:
The hack that Anand Prakash has done was may not be as simple as one thinks and cannot be easy can copy by any ordinary rider.
You need to familiar with a little scripting and coding of programmes and you can do the same too.
The security bug is now fixed by Uber Inc — Anand Prakash, who has saved Uber from a massive loss, if someone would have utilised the bug and it went unnoticed.
The International online transport giant Uber’s security programme has around 200 researchers onboard who deal with bugs and exploits.
Uber pays up to $10,000 as an award for any censorious issues identified and reported to them.
Anand Prakash, the Bangalorean is an ethical hacker and makes a living from finding security bugs.
Uber has rewarded Anand Prakash around $13,500 (About Rs 9 Lakhs) as a bounty programme.
Anand Prakash is also presently one of the top hackers with Facebook’s White Hat bug finding programme.
Anand Prakash was the one to find the security flaw with Facebook where anyone can take over other’s Facebook account and change its password with ease. He received an award of $15,000(About Rs 10 Lakh) from Facebook.