Pakistan’s popular ride-hailing and mobility app, Bykea, used by many Pakistanis, experienced a disturbing hacking incident on Tuesday, raising significant user concern.
Users started receiving extremely inappropriate text messages, which alarmed and unnerved them and signaled the start of the ordeal. Bykea quickly corrected the problem and apologised for the objectionable messages. The messages, according to the business, were transmitted using a hacked third-party communication platform. Around 12:10 pm, users saw the first warning, which contained offensive language. Less than an hour later, users saw a second notification, which warned them in Urdu that the mobile app was still under attack.
CEO of Bykea Muneeb Maayr reported to the local press that a laptop belonging to a Bykea worker in their Karachi office was accessed from outside the nation. Due to the lack of two-factor authentication in the compromised third-party tool, the system was compromised and the application was made accessible to the hackers.
Bykea apologised for the offensive messaging in an official statement following the incident. With a third-party communication platform, they were able to confirm the breach, and their team was able to effectively restore the app. Users were reassured in a statement by Bykea that their app and data were protected. The organisation advised customers to call their helpline if they had any problems.
The compromised programme was immediately disabled by Bykea, and they also announced their plans to switch to a tool with two-factor authentication.
The attack was not targeted towards ransomware or maligning the organization and its image, as is usually the case. According to Maayr, the cyberattack appears to suggest that Bykea was targeted due to its popularity amongst Pakistanis, and by targeting this mobile app, hackers would be able to contact more people.
Bykea indicated that they simply save encrypted cell numbers in relation to the security of customer data, while Bank Alfalah is in charge of handling credit card information. Customers were given reassurance that they didn’t need to worry because corrective measures were already in place, and all is under control.
This is not the first time a mobility app has been under a cyberattack. This time around, more than ever, it was heartening to see industry support pour through immediately with several technology and cybersecurity experts offering technical support. Many from the ecosystem stepped up in backing Pakistan’s most popular mobility app; Bykea.
Industry support plays a vital role in assisting startups that have been hacked by providing guidance, sharing knowledge, protecting reputation, ensuring legal compliance, and fostering a stronger cybersecurity ecosystem.