Slashdot Mirror

← Back to Stories (view on slashdot.org)

The Underground Uber Networks Driven by Russian Hackers (thedailybeast.com)

Posted by msmash on from the what's-happening dept.

Joseph Cox, reporting for DailyBeat: Uber's ride-sharing service has given birth to some of the most creative criminal scams to date, including using a GPS-spoofing app to rip off riders in Nigeria, and even ginning up fake drivers by using stolen identities. Add to those this nefariously genius operation: Cybercriminals, many working in Russia, have created their own illegitimate taxi services for other crooks by piggybacking off Uber's ride-sharing platform, sometimes working in collaboration with corrupt drivers. Based on several Russian-language posts across a number of criminal-world sites, this is how the scam works: The scammer needs an emulator, a piece of software which allows them to run a virtual Android phone on their laptop with the Uber app, as well as a virtual private network (VPN), which routes their computer's traffic through a server in the same city as the rider. The scammer acts, in essence, as a middleman between an Uber driver and the passenger -- ordering trips through the Uber app, but relaying messages outside of it. Typically, this fraudulent dispatcher uses the messaging app Telegram to chat with the passenger, who provides pickup and destination addresses. The scammer orders the trip, and then provides the car brand, driver name, and license plate details back to the passenger through Telegram.

3 of 49 comments (clear)

  1. Re:But what's the scam? by Attila+Dimedici · · Score: 3, Informative

    The "scam" is that Uber is not getting their cut.

    --
    The truth is that all men having power ought to be mistrusted. James Madison
  2. How it works by SB5407 · · Score: 5, Informative
    1. "An enterprising company" advertises taxi services for less than the prevailing rate. I'll call the service "Hot Taxi" because it depends on stolen payment accounts/credit cards.
    2. A potential rider contacts Hot Taxi.
    3. Hot Taxi and the rider work out the details of the rider's payment (a rate less than Uber or Lyft, presumably), the pickup and the drop off.
    4. Hot Taxi books an Uber ride with a stolen CC.
    5. At the end of the ride, Uber charges the stolen credit card, and while the rider has to pay Hot Taxi via something like the Russian equivalent of PayPal or Venmo.
    6. Boom. The rider gets a taxi ride from Hot Taxi that costs less than the going Uber rate and Hot Taxi pockets the money, because they don't have to pay the driver, Uber does.
  3. Re:Is it simple arbitrage? by SB5407 · · Score: 3, Informative

    The rider pays the hackers with actual funds while Uber charges a stolen credit card that the hackers used to book the ride.