Sam and his friends hack Scooters, Routers, Domain Providers and lots of cars: Ferrari, Porsche. BMW, Rolls Royce, Kia and many more!
Get Proton VPN for free: davidbombal.wiki/protonvpn3
Big thanks to Proton for Sponsoring the video!
// Sam’s SOCIAL//
X: x.com/samwcyo
Website: samcurry.net/
Blog: samcurry.net/blog/
Car hacking: samcurry.net/web-hackers-vs-t...
// David's SOCIAL //
Discord: / discord
X: / davidbombal
Instagram: / davidbombal
LinkedIn: / davidbombal
Facebook: / davidbombal.co
TikTok: / davidbombal
KZhead: / @davidbombal
// MY STUFF //
www.amazon.com/shop/davidbombal
// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com
// Menu //
00:00 - Coming up
00:57 - Proton VPN sponsored segment
01:55 - Sam Curry background
04:11 - Big impact vulnerabilities // "Finding out I was hacked"
11:10 - Sam's blogs
11:40 - Hacking Apple for 3 months
13:57 - Red Teamers vs the law
18:40 - Hacking Ferrari, Mercedes, BMW, etc.
27:57 - The dangers of centralized systems
31:13 - Hacking Tesla cars
34:09 - The real threat of hacked vehicles
37:45 - Taking over TLDs // Vulnerable domains
41:38 - Hacking car manufacture domains
45:15 - Growth in cybersecurity
46:41 - Coming from a small town // More opportunities than ever
48:28 - How to get into hacking/cybersecurity
51:43 - Growing from cybersecurity
53:29 - Connect with Sam Curry // Conclusion
Telsa
Ferrrari
Porsche
BMW
Mercedes
Rolls Royce
Kia
Flipper Zero
car hacking
mr robot
sdr
car
cars
auto hacking
kia hacking
ferrari hacking
land rover
hacking
automative hacking
hackers
hacking a car
how to hack a car
hacking keyless entry
hacking cars
wireless car control
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
Disclaimer: This video is for educational purposes only.
#cybersecurity #hack #hacking
Sam and his friends hack Scooters, Routers, Domain Providers and lots of cars: Ferrari, Porsche. BMW, Rolls Royce, Kia and many more! Get Proton VPN for free: davidbombal.wiki/protonvpn3 Big thanks to Proton for Sponsoring the video! // Sam’s SOCIAL// X: x.com/samwcyo Website: samcurry.net/ Blog: samcurry.net/blog/ Car hacking: samcurry.net/web-hackers-vs-the-auto-industry // David's SOCIAL // Discord: discord.com/invite/usKSyzb X: twitter.com/davidbombal Instagram: instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal KZhead: www.youtube.com/@davidbombal // MY STUFF // www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // Menu // 00:00 - Coming up 00:57 - Proton VPN sponsored segment 01:55 - Sam Curry background 04:11 - Big impact vulnerabilities // "Finding out I was hacked" 11:10 - Sam's blogs 11:40 - Hacking Apple for 3 months 13:57 - Red Teamers vs the law 18:40 - Hacking Ferrari, Mercedes, BMW, etc. 27:57 - The dangers of centralized systems 31:13 - Hacking Tesla cars 34:09 - The real threat of hacked vehicles 37:45 - Taking over TLDs // Vulnerable domains 41:38 - Hacking car manufacture domains 45:15 - Growth in cybersecurity 46:41 - Coming from a small town // More opportunities than ever 48:28 - How to get into hacking/cybersecurity 51:43 - Growing from cybersecurity 53:29 - Connect with Sam Curry // Conclusion Telsa Ferrrari Porsche BMW Mercedes Rolls Royce Kia Flipper Zero car hacking mr robot sdr car cars auto hacking kia hacking ferrari hacking land rover hacking automative hacking hackers hacking a car how to hack a car hacking keyless entry hacking cars wireless car control Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #cybersecurity #hack #hacking
Many cars steal all the data on your phone in America (to sell) nowadays and is becoming a legal issue as the FBI has been buying this information without warrants. My question is could you put something like a RAT (remote access tool) or a php like the (DVWA) damn vulnerable web app on your phone then get remote access or exploit their systems and/or their servers? Edit: AT&T has been caught giving customer information to the government without a warrant and freely.
Please do videos on multiband jammers (sadly there only seems to be chinese ones that are really available). Such devices are on alldeals, jammerstore, jammerpro etc. I want to know if these things work (VHF, UHF, WIFI, L1, L2, 2.4G, 4G)
EVs will be a hackers paradise especially government hackers. No that I think about it, he does look like Jay Leno.
22:31 That isn't a hack, that's a secret innocuous design feature. A way for centralized parties to commit 'accidents'.
Addendum: Peer to peer IPv6 infrastructures and architecture, resolves for this, and only one commodity data ledger endeavors to utilize this within is' protocol.
Great interview. My two favorite parts: "it was only available for 10 minutes" yeah right Porsche, and "you might not get arrested" at the end, fun is fun until you end up in jail. We need to make more room for ethical hacking! Sam's work should be celebrated and supported even more than it is.
This has to be one of the coolest interviews so far very fascinating
Currently in a cybersecurity retraining course and this has been very informative. I appreciate the work you do David. Thanks Sam
Incredible vid David. It is so interesting how taking the time to understand how these RF devices work it can be trivial to compromise.
Thank you. Sam and his friends hack millions of devices and cars. Just amazing.
@@davidbombal yes Sam really is amazing and I hope it inspires others to really learn RF and how these devices work down to the metal.
@@davidbombal - Wireless systems are inherently insecure, no matter how well encrypted, there's sometimes a flaw which can be exploited. That's why wired systems are inherently more secure, though nothing is 100%.
Such an awesome guest, story, and anything is possible! Happy to hear he was able to see the world! 🎉
Both inspired AND jealous, Great interview!
That sums it up. What more needs said..
Great content as always! Many thanks from a big fan of your channel in Tokyo❤️
Here in Australia you can find a vehicles VIN number by doing a rego check on the vehicle so you don’t even need to be near that vehicle.
Exactly what I thought
Here in the Colonies, you have to provide government ID and pay a nomial sum to get vehicle information. When a car is stolen, those names are immediately suspect. Althrough crooked cops and clerks to do this for cash as well.
@@lyfandethin Victoria all you need is the rego plate. You then have the vin number
If the manufacturers get self-driving sorted and with that will come a summons feature, you're potentially looking at the thief having the car come to them.
You can summons Tesla and some Kia already.
AMAZING INTERVIEW....by far one of my favs...I love how humble and down to earth both you David and Sam are!! Modern Day Superheroes!!
This was super interesting. The more I watch these videos the more I want to learn.
Really cool interview! But this is the reason I don't want a car with wireless connections that I don't control. And yes, I have disabled the GPS and GMS antenna in my car, making it "offline".
bad news, the antenna just extends the vector, that cvode is prolly still running someone just needs to be on your car. Hax0r hood ornament :)
It can still be hacked because your car runs on electricity all they need is to get the signal that your key gives and do a copy of
@@Blueice294 That is true, but it is a completely different thing than the car spying on you and sending the data to someone
Very informative, cant wait for the next podcast/interview!
Thank you! More coming soon 😀
This is very interesting. I know the ISP I was with over 5 years ago (might be the same one - not sure) could see how many devices were connected) . When I was speaking to them on the phone setting it up she actually told me as she was monitoring my modem / router from the ISP. I can't remember if it was when I was on ADSL
Thank you for the quality content. Keep up the good work.
Thank you. I appreciate that :)
Thank you for your work :)
That kid spoke words I've never heard before lol. What a fascinating insight as to how these guy's do what they do. Wonderful to listen to.
For hotels & free wifi we don't need to use vpn, using secure dns with our devices encrypts all of our traffic and they cannot know anything. For win 11 the configuration is out of box and encrypts all dns traffic from computer. Same for mac/iphones, we can easily install profile that configures for all traffic coming out of devices.
It's commendable of him to have stayed so down-to-earth after having accomplished so much in so little lifetime.
Fantastic interview! Thank you
Thank you! Glad you enjoyed it!
What about if you have your ISP’s modem set to bridge mode, is that more secure? While it doesn’t have an ip address itself my IPS can still stuff to it by connecting to its MAC address which it uses to authenticate that modem/router on their network. Like reset it or update it.
Generally bridge mode turns off any management UI access given it's just forwarding anything that moves through it as is dropped to layer 2 functionality, however connection by MAC alone I don't think is the case. What is possible, though, is the potential for management UI access on a hidden layer 3, or alternate interface that could possibly exist on the WAN only side of more modern modems, where an ISP could still have access on say a management VLAN so that they could carry out support with software defined controls in cases where customers choose to bridge mode their modems.
@@kylecurry6841thanks
I remember reading about a security issue in Tesla where an owner that locked/unlocked their tesla via NFC, automatically opened a Bluetooth backdoor on the car as well, and through this door - which remained open for 130 seconds since the (un)lock action - an attacker could register another tesla key for that car, without the car owner receiving any kind of notification about a new key being registered.
He said fascinating about 50 times, and it actually was fascinating what followed... 😅 loved it!
Great video as always!
Thank you! Glad you enjoyed it!
Do you recommend a home firewall??? Or just a VPN?
Bro is living his best life.
Great Video David. Keep it coming 😊
Hell of a young man, especially hearing the last 10 minutes of the interview about his home life growing up.
So freaky. I race cars every day, could you potentially see teams/people hacking other cars, say f1? Gt3? Maybe even NASCAR? Etc..?
It's a worry ... more and more of our devices are getting connected ... and hackers like Sam and his friends can do so much damage (very glad that Sam is on the right side and hack ethically).
As the industry moves towards EV and include more and more systems within cars, I can see this being a serious concern.
@@Tim_ToolMayne_Taylor it’s a real fear of mine. Like red dawn… lol. But as my racing career progresses, we are seeing more digital controls in cars, from tunes to disablers, how can we protect drivers from serious harm. Are these companies actually concerned and implementing extended safety measures? Or is it up to people like David and Sam to save the world?
it's the entertainment systems that are vulnerable in everything (including planes) F1 doesn't even have a cup holder let alone a network stack running onboard:P (actually yes it probably is networked to the pit team ..) hmm
If they have access to an internet connection, it's likely possible.
Great interview David
2:40 : Wow! That's cool that he did a lot! Thank you for the video upload David!
How can I test this on my car from your blog? Fully remote lock, unlock, engine start, engine stop, precision locate, flash headlights, and honk vehicles using only the VIN number. What app/device did you use?
How secure is apples built in vpn. Does it do all traffic. Or just your safari use
How will I get certified in udemy do I need to write a exam and I have to pay for it or only enrolling the course will give me access to that exam ?
Probably the most alarming video I've seen you post. And wow, do I feel inadequate now.
Yup it's been done to my vehicle once...however was able to manage what was done
Sorry to jump on the feed about a post that doesn't relate to this topic but I have a question. When you capture a four-way handshake and that router has WPS can I use crunch to generate a dictionary with pins from 00000000 - 99999999 And do an offline crack with that handshake with the dictionary 🙏🏻
if the router has wpss PIN enabled you can attack that pretty trivially. once you have the passkey you don't ned to h4x0r anything.
Thank you so much, you have taught me so much and my knowledge has grown so much. I love your channel and your videos. So a huge thank you 🙏🏻
I like this guy. He's sharp and knows how the governments can get anyone at anytime if they have a digital paper trail.
There is a key for every lock. You can't make anything theft proof but you can make it difficult. My Tesla requires a PIN number in order to drive it. The automakers don't put that feature in their cars because lots of cars are stolen and shipped out of the country which means more business for the automakers. This was actually on 60 minutes. So I enabled the PIN number security to drive my Tesla.. Of course the pin number is stored somewhere and most likely a hacker could access it, but that would prevent 95% of the thefts.
Low hanging fruit is a big deal in the world of automation, don't be the low hanging fruit
People think I'm crazy and paranoid when I talk about the possibilities like this. Crazy a little but paranoid no, just simply observing how things are and coming up with scenarios in my head for how they could be exploited.
The style of the pictures on Sam's blog page reminds me for Jack Rhysider. I think it could be cool if David and Jack make a podcast with each other.
Jack was on the channel a few years ago.
@@dawidvanstraatenyeah, you're right, I even saw that video too, but somehow I forgot, thank you! :)
Imagine, if you build an license plate scanner, that does an reverse lookup to fetch the VIN number and auto sends commands to every plate scanned.
All you got to do is change your DNS routing from your ISP to like say cloudflare or something back in the day
Maybe back in the day but dont think it matters these days.
Hello teacher thank you for a video you are my favourite teacher ❤❤❤
I did a scooter hack. Turns out you could use the bluetooth connection while a rider was also using it. I decompiled the app used with the scooters and worked out the commands accepted (including some still in the app but unused). In the end I could use a mobile phone with an app for BLE, to send the command to reset the scooter while someone was riding it. Good fun playing 'knockout the scooter' and getting someone to abandon it.
good job david 😅
Thank you!
I used to have a 1970 Opel Kadett 1.9L Rallye that was yellow, had the black stripes down the side of the car towards the bottom. It was a "barn find" as it had been sitting outside against a barn for ages. One side was almost perfect and the other side was a smidge bit rusty. It had almost every option for the car you could have including the extra guages on the inside mounted under the dash, and those big old round fog/driving lights mounted on the front of the car. Had i had the time and extra money back then i would have fixed the rust etc and swapped in a boosted V8 lol. Instead someone from New Zealand reached out to me and i sold it to them for an astounding $9500. I havent seen one since. Funny thing was mine was road worthy and even had a bottle of Lead additive for the gas tank lol.
do what makes you happy always thank you sam 🤓
So how do you protect your home without slowing down the internet?
Thank you
Just thought of this idea what if all those self driven cars were hacked and here we go.
Cracking interview.
After the latest news (26/03/2024), maybe the team should check whether you can remotely disable ships after what just happened in Baltimore. A remote anti-piracy measure coupled with google maps and ship tracking website would be rather dangerous. The operator was Maersk.
IoT's and Zigby are the next big hack i think and it's terrifying.
are these vulnerabilities still compromisable or they been mitigated already before the interview?
Welders are the same way, we make welding look easy. Then whenever someone tries it. They find out how hard it is.
How Any device imei number trace
All that's happened to me the last 2 years. Trying to save my own devices. Replaced 2 pcs. Then find out my ISP was compromised and got worse and worse. Can't convince my elder grandparents all this is even possible. It literally just keeps getting worse and worse of a situation for me... too stupid to soak in all this info to put it all together successfully. About to just not have devices. It's sad. Especially when everyone that I reach out to make fun of me because "wipe the drive" is the only solution. Or get told "I know enough to fuck it all up but not fix it" but I had got scammed originally when I called for help. So I've learned, not to ask for help, it sucks to suck, and know everything about what you don't know before you physically try it. Lol.
you really could crash the cars i work on cars if you knew the can bus codes for transmission shifting and the throttle is drive by wire witch means its controlled by the computer that is from a parked position .
Amazing interview 52:24 😊
To sa ti pri kolobežke stať nemôže 😂😂😂
What can we do to protect our cars if anything?
Go to your dealer and get your cars radio networking protocols turned off, eg:BLUETOOTH, WiFi, NFC because that will limit your vector exposure to physical access vulns.
Nothing just hope no one hacks you 😂
Does Sam Curry listen to Sam Cook while hacking?
What I wonder more is how many of these disclosed vulnerabilities actually patched? PS: Another reason to reiterate if it says smart it's unsafe.
great episode.
You are the best teacher in hacking or tech video love you❤❤❤
Thank you. You are very kind!
Like the film "Leave the World Behind", there is a scene where a Tesla car is hacked. Will the future be like that?
Q: what right does the US have to arrest you in japan?
at the end of the day, if you are connected you can be hacked, just unlucky if you are!
Good thing I drive stick shift.
Car hacking...how do we protect against that lol
Yes, not only can they reset, turn off modem, they can see your traffic and GBs a second EDIT: No matter the equipment it can be seen.
Greetings: I am sure glad I havw a vehicle with 2 separate keys and not the new Hi-Tech junk. I said B4 and I will say it aga: technology is leading 2 our demise. Thx 4 the share.
Beating the system one line of code at a time.
Damn, Omaha isn't THAT small lol
i have alredy got the car hacking course 😂
Oh Daaam, jay leno time traveled 40 years back and found interest in hacking! wd mate.
I kinda want to replay watch dogs 2…
Q: Have you read the code? Is there a back door? Can I hack it with rsh,telnet,VPN hacking software, etc. Does it tell you you've been hacked ..lied to you to gain your trust in their software? Also,a lot of software is just recycled and replanted into what appears to be new software!
Are VPNs really secure??
We should not hook cars up to the Internet.
"Like. Like. Like" good "like" interview , "like" keep up the "like" good work.
Some time reply us too
Not sure what you mean? But, hello!
What about Military vehicle??
is this guy a secret love child of Jay Leno? dude has got a head shaped like Jay Leno, he also looks like he stole Jay leno's hair style too
So much left to learn just when I think I'm getting somewhere😢
learn from the best
That is not true about degrees. I’m 31 out of work with knowledge in Networking, server deployment and I can’t get a job why? Because everyone wants a piece of paper with maths and English grades. I have learning support and ADHD I’m stuck on social security out of work. Employment people wants maths and English. I have qualifications in Networking but due to my learning support I have no Job. No one is interested.
Hi I actually own that car and it makes me really sad lol
Yeah 100%
David is that you gov-boi ?
They can still get your info from the vpn company, feels like a bad vpn advert
Proton is a Swiss company with associated privacy laws check the T&Cs
What is behind him!?
You referring to the monitor?
@@davidbombaloo i see it now. That's the stand. Ha! Thank you. I'm like 40 minutes in and its been driving me nuts. Lol
Ps. Awesome interview you have some of the best interviews. Your style doesn't treat the viewers/listeners like their dumb unlike a lot of hacker interviews.
Looks Like a 21:9 Cinema Display 😊
Max Headroom's shades.
Separate network for IOT
I think he's had a big advantage in the hacking world by growing up with computers and networks and software to hack. People my age didn't have computers to hack until our late teens. I mean, sure you could hack the Doom WAD file. Maybe write a batch file that would delete someone's computer files but networks and viruses just weren't as common. Also, he looks like Jay Leno. Now I have to wonder - who is going to us AI to find and exploit vulnerabilities to attack other nations. I have no doubt it's either in the works or it's being used already. Most likely the big players - USA, Russia, Iran, India, China, NK, Australia, Germany. France and the UK. Hacking into power grids, vehicles, financial institutions. Please somebody h@ck the ATF and IRS and delete everything.
It wasn't a mistake at the airport. They targeted you and may have been on a payroll of the gov corps.
Please make a video
This is a Video ..
Do you realize you suggested stealing,train tuckets, or subway tickets! Calgary arrests you for not paying! Your giving tge young newbies ideas!😮
Never gunna buy any car made after 2016!!!
The only VPN I am using is my home VPN server....