Sep 23, 2019 | Updated: 11:17 AM EDT

Uber Got Successfully Hacked By Indian IT Expert; He Gets Lifetime Of Free Rides

Mar 06, 2017 05:48 AM EST

Close

An Indian IT worker has successfully discovered and hacked a way to get a lifetime free Uber rides anywhere in the world. He claims that it was actually easy to hack the app.

Anand Prakash, a product security engineer, said in his blog that the Uber app was easy for him to be hacked because of a bug that is easy to be overwritten. His blog specializes in web application.

"I was testing Uber application for security loopholes. This is how I was able to figure it out. It was easy to do. Attackers could have misused this by taking unlimited free rides from their Uber account," he said in an interview with The Telegraph.

Deccan Chronicles loophole that Prakash is talking about is the payment method where there is an invalid method about it. With this invalid method, this got Prakash free rides for a lifetime.

"Users can create their account on Uber and can start riding. When a ride is completed, a user can either pay cash or charge it to their credit/debit card. But, by specifying an invalid payment method for example: abc, xyz etc, I could ride Uber for free," he said.

Tech Worm Prakash said that he used his method on the popular ride-sharing app in various countries. He found out that Uber actually works everywhere.

Was he arrested for doing this? In fact, Prakash was rewarded by Uber for finding loopholes in the bug and his efforts were credited for the company's bug bounty hunters program.

He said that in order to demonstrate the bug, he got a permission from Uber to take some free rides in the United States and India. Those rides were not charged with his payment method.

Currently, Uber is prepping up for the security of their app. Their program, the Uber security program, employs 200 researchers to find vulnerabilities of the app that could be exploited by hackers. They are going to pay $10,000 for the researcher who could find a critical issue with the app.

This is not the first time that Prakash was able to hack a big time company like Uber. He was previously reported that he was able to penetrate to Domino's Pizza and successfully got free Domino's pizza for life.

Real Time Analytics