A hacker has found illegal way to get free ride on Uber by exploiting a security bug on the ride-hailing service.
A product security engineer, Anand Prakash has revealed the simplest trick to use Uber’s free ride anywhere in the world.
According to him he was trying to find any security loopholes and found one quite easily. Prakash, an ethical hacker who also runs his own blog, says that the loophole was related to the payment method where by using an invalid method would get him free rides.
The hacker also told the complete procedure of getting free ride and he also experienced it and shared it in different countries of the world. “To demonstrate the bug, I got permission from the Uber team and took free rides in the United States and India and I wasn’t charged from any of my payment methods,” he said.
Parkash has identified the issue to Uber who have now created a patch for the loophole. He was also rewarded for his effort by Uber through their bug bounty hunters programme.
Prakash says he makes a living out of finding security bugs and has so far been awarded $13,500 from Uber in bounty rewards.
The ride-hailing service runs a security programme that employs 200 researchers with the task of searching for bugs that can be exploited by hackers. The company pays up to $10,000 for critical issues identified.