Uber cyber attack methodology:
1. The hacker socially engineered an Uber employee to steal their credentials.
2. They then accessed Uber’s VPN with the stolen credentials to connect to Uber’s internal network.
3. While scanning Uber’s internal network, the hacker discovered a shared network folder that contained PowerShell scripts.
4. The hacker identified a PowerShell script that included the username and password of an administrative user of a Privileged Access Management (PAM) tool, which stores secrets (e.g., credentials, keys, etc.). For Uber, it was secrets for many internal systems and applications.
5. The hacker used secrets stored in PAM tools to access Uber’s systems and applications. With control of this account, the attacker claimed, they were able to gain access tokens for Uber cloud infrastructure, including Amazon Web Services, Google’s GSuite, VMware’s vSphere dashboard, the authentication manager Duo, and the critical identity and access management services.
6. The hacker then taunted Uber by posting in their company Slack instance, notifying them of the hack!
And it was a 17-year-old. Check out how and where he got arrested here.
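
Step 4 is where a single readable file turned a VPN foothold into PAM admin access, so a defender's first check is to sweep shares for PowerShell scripts with credentials written as literals. The Python scanner below is an added example, not code from the original post or from Uber; its rule set, the sample script and the `Connect-Thing` cmdlet are constructed for illustration.

```python
import re
from pathlib import Path

# A quoted literal of 4+ chars that does not start with '$', so values taken
# from a variable, the environment or a vault lookup are not flagged.
LITERAL = r"""(?P<q>["'])(?P<val>(?!\$)[^"'\r\n]{4,})(?P=q)"""
RULES = [
    ("plaintext-securestring", re.compile(
        r"ConvertTo-SecureString\s+(?:-String\s+)?" + LITERAL, re.I)),
    ("password-assignment", re.compile(
        r"\$\w*(?:pass(?:word|wd)?|pwd|secret|token|apikey)\w*\s*=\s*" + LITERAL, re.I)),
    ("password-parameter", re.compile(
        r"-(?:Password|Pass|Secret|ApiKey)\s+" + LITERAL, re.I)),
]

def redact(value):
    """Keep two characters so the report does not re-leak the secret."""
    return value[:2] + "*" * (len(value) - 2)

def scan_text(text, source="<inline>"):
    """Return (source, line, rule, redacted value). Comment lines are scanned
    too: a commented-out password is still readable by anyone on the share."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        for rule, rx in RULES:
            m = rx.search(line)
            if m:
                findings.append((source, lineno, rule, redact(m.group("val"))))
    return findings

def scan_file(path):
    """PowerShell files are often UTF-16 with a BOM; decode before scanning."""
    raw = Path(path).read_bytes()
    enc = "utf-16" if raw[:2] in (b"\xff\xfe", b"\xfe\xff") else "utf-8-sig"
    return scan_text(raw.decode(enc, errors="replace"), str(path))

# Constructed sample script (not from the incident); Connect-Thing is hypothetical.
SAMPLE = r'''
$pw = ConvertTo-SecureString "Winter2022!example" -AsPlainText -Force
$apiToken = 'tok_constructed_0000'
# $oldPassword = "Summer2021!example"
$safe = ConvertTo-SecureString $env:PAM_PW -AsPlainText -Force
$prompted = Read-Host -AsSecureString "Password"
Connect-Thing -Server pam01 -Password "hunter2-example"
'''

if __name__ == "__main__":
    for finding in scan_text(SAMPLE, "sample.ps1"):
        print(*finding, sep="\t")
```

To sweep a share, call `scan_file` on each path returned by `Path(root).rglob("*.ps1")` for the mount point.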