Sam and his friends hack Scooters, Routers, Domain Providers and lots of cars: Ferrari, Porsche. BMW, Rolls Royce, Kia and many more! Get Proton VPN for free: davidbombal.wiki/protonvpn3 Big thanks to Proton for Sponsoring the video! // Sam’s SOCIAL// X: x.com/samwcyo Website: samcurry.net/ Blog: samcurry.net/blog/ Car hacking: samcurry.net/web-hackers-vs-the-auto-industry // David's SOCIAL // Discord: discord.com/invite/usKSyzb X: twitter.com/davidbombal Instagram: instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal KZread: www.youtube.com/@davidbombal // MY STUFF // www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // Menu // 00:00 - Coming up 00:57 - Proton VPN sponsored segment 01:55 - Sam Curry background 04:11 - Big impact vulnerabilities // "Finding out I was hacked" 11:10 - Sam's blogs 11:40 - Hacking Apple for 3 months 13:57 - Red Teamers vs the law 18:40 - Hacking Ferrari, Mercedes, BMW, etc. 27:57 - The dangers of centralized systems 31:13 - Hacking Tesla cars 34:09 - The real threat of hacked vehicles 37:45 - Taking over TLDs // Vulnerable domains 41:38 - Hacking car manufacture domains 45:15 - Growth in cybersecurity 46:41 - Coming from a small town // More opportunities than ever 48:28 - How to get into hacking/cybersecurity 51:43 - Growing from cybersecurity 53:29 - Connect with Sam Curry // Conclusion Telsa Ferrrari Porsche BMW Mercedes Rolls Royce Kia Flipper Zero car hacking mr robot sdr car cars auto hacking kia hacking ferrari hacking land rover hacking automative hacking hackers hacking a car how to hack a car hacking keyless entry hacking cars wireless car control Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #cybersecurity #hack #hacking

@johnwesley256

Ай бұрын

Many cars steal all the data on your phone in America (to sell) nowadays and is becoming a legal issue as the FBI has been buying this information without warrants. My question is could you put something like a RAT (remote access tool) or a php like the (DVWA) damn vulnerable web app on your phone then get remote access or exploit their systems and/or their servers? Edit: AT&T has been caught giving customer information to the government without a warrant and freely.

@user-uo6pc3pi1i

Ай бұрын

Please do videos on multiband jammers (sadly there only seems to be chinese ones that are really available). Such devices are on alldeals, jammerstore, jammerpro etc. I want to know if these things work (VHF, UHF, WIFI, L1, L2, 2.4G, 4G)

@RAM_845

Ай бұрын

EVs will be a hackers paradise especially government hackers. No that I think about it, he does look like Jay Leno.

@tonyfaulknor8273

Ай бұрын

22:31 That isn't a hack, that's a secret innocuous design feature. A way for centralized parties to commit 'accidents'.

@tonyfaulknor8273

Ай бұрын

Addendum: Peer to peer IPv6 infrastructures and architecture, resolves for this, and only one commodity data ledger endeavors to utilize this within is' protocol.

Great interview. My two favorite parts: "it was only available for 10 minutes" yeah right Porsche, and "you might not get arrested" at the end, fun is fun until you end up in jail. We need to make more room for ethical hacking! Sam's work should be celebrated and supported even more than it is.

This has to be one of the coolest interviews so far very fascinating

Currently in a cybersecurity retraining course and this has been very informative. I appreciate the work you do David. Thanks Sam

Welders are the same way, we make welding look easy. Then whenever someone tries it. They find out how hard it is.

AMAZING INTERVIEW....by far one of my favs...I love how humble and down to earth both you David and Sam are!! Modern Day Superheroes!!

Incredible vid David. It is so interesting how taking the time to understand how these RF devices work it can be trivial to compromise.

@davidbombal

Ай бұрын

Thank you. Sam and his friends hack millions of devices and cars. Just amazing.

@mytechnotalent

Ай бұрын

@@davidbombal yes Sam really is amazing and I hope it inspires others to really learn RF and how these devices work down to the metal.

@BillAnt

Ай бұрын

​@@davidbombal - Wireless systems are inherently insecure, no matter how well encrypted, there's sometimes a flaw which can be exploited. That's why wired systems are inherently more secure, though nothing is 100%.

Such an awesome guest, story, and anything is possible! Happy to hear he was able to see the world! 🎉

Great content as always! Many thanks from a big fan of your channel in Tokyo❤️

If the manufacturers get self-driving sorted and with that will come a summons feature, you're potentially looking at the thief having the car come to them.

@iam1smiley1

Ай бұрын

You can summons Tesla and some Kia already.

This was super interesting. The more I watch these videos the more I want to learn.

Thank you for your work :)

People think I'm crazy and paranoid when I talk about the possibilities like this. Crazy a little but paranoid no, just simply observing how things are and coming up with scenarios in my head for how they could be exploited.

Here in Australia you can find a vehicles VIN number by doing a rego check on the vehicle so you don’t even need to be near that vehicle.

@FlakeyPM

Ай бұрын

Exactly what I thought

@lyfandeth

Ай бұрын

Here in the Colonies, you have to provide government ID and pay a nomial sum to get vehicle information. When a car is stolen, those names are immediately suspect. Althrough crooked cops and clerks to do this for cash as well.

@PubRunner

Ай бұрын

@@lyfandethin Victoria all you need is the rego plate. You then have the vin number

Great Video David. Keep it coming 😊

This is very interesting. I know the ISP I was with over 5 years ago (might be the same one - not sure) could see how many devices were connected) . When I was speaking to them on the phone setting it up she actually told me as she was monitoring my modem / router from the ISP. I can't remember if it was when I was on ADSL

Both inspired AND jealous, Great interview!

@OurSpaceshipEarth

Ай бұрын

That sums it up. What more needs said..

That kid spoke words I've never heard before lol. What a fascinating insight as to how these guy's do what they do. Wonderful to listen to.

Thank you for the quality content. Keep up the good work.

@davidbombal

Ай бұрын

Thank you. I appreciate that :)

Very informative, cant wait for the next podcast/interview!

@davidbombal

Ай бұрын

Thank you! More coming soon 😀

Great interview David

Great video as always!

@davidbombal

Ай бұрын

Thank you! Glad you enjoyed it!

It's commendable of him to have stayed so down-to-earth after having accomplished so much in so little lifetime.

He said fascinating about 50 times, and it actually was fascinating what followed... 😅 loved it!

Hell of a young man, especially hearing the last 10 minutes of the interview about his home life growing up.

Fantastic interview! Thank you

@davidbombal

Ай бұрын

Thank you! Glad you enjoyed it!

Bro is living his best life.

Really cool interview! But this is the reason I don't want a car with wireless connections that I don't control. And yes, I have disabled the GPS and GMS antenna in my car, making it "offline".

@OurSpaceshipEarth

Ай бұрын

bad news, the antenna just extends the vector, that cvode is prolly still running someone just needs to be on your car. Hax0r hood ornament :)

@Blueice294

Ай бұрын

It can still be hacked because your car runs on electricity all they need is to get the signal that your key gives and do a copy of

@TheJensss

Ай бұрын

@@Blueice294 That is true, but it is a completely different thing than the car spying on you and sending the data to someone

Probably the most alarming video I've seen you post. And wow, do I feel inadequate now.

What about if you have your ISP’s modem set to bridge mode, is that more secure? While it doesn’t have an ip address itself my IPS can still stuff to it by connecting to its MAC address which it uses to authenticate that modem/router on their network. Like reset it or update it.

@kylecurry6841

15 күн бұрын

Generally bridge mode turns off any management UI access given it's just forwarding anything that moves through it as is dropped to layer 2 functionality, however connection by MAC alone I don't think is the case. What is possible, though, is the potential for management UI access on a hidden layer 3, or alternate interface that could possibly exist on the WAN only side of more modern modems, where an ISP could still have access on say a management VLAN so that they could carry out support with software defined controls in cases where customers choose to bridge mode their modems.

@PubRunner

15 күн бұрын

@@kylecurry6841thanks

I remember reading about a security issue in Tesla where an owner that locked/unlocked their tesla via NFC, automatically opened a Bluetooth backdoor on the car as well, and through this door - which remained open for 130 seconds since the (un)lock action - an attacker could register another tesla key for that car, without the car owner receiving any kind of notification about a new key being registered.

There is a key for every lock. You can't make anything theft proof but you can make it difficult. My Tesla requires a PIN number in order to drive it. The automakers don't put that feature in their cars because lots of cars are stolen and shipped out of the country which means more business for the automakers. This was actually on 60 minutes. So I enabled the PIN number security to drive my Tesla.. Of course the pin number is stored somewhere and most likely a hacker could access it, but that would prevent 95% of the thefts.

@andrewferguson6901

8 күн бұрын

Low hanging fruit is a big deal in the world of automation, don't be the low hanging fruit

So freaky. I race cars every day, could you potentially see teams/people hacking other cars, say f1? Gt3? Maybe even NASCAR? Etc..?

@davidbombal

Ай бұрын

It's a worry ... more and more of our devices are getting connected ... and hackers like Sam and his friends can do so much damage (very glad that Sam is on the right side and hack ethically).

@Tim_ToolMayne_Taylor

Ай бұрын

As the industry moves towards EV and include more and more systems within cars, I can see this being a serious concern.

@NicolaiFPV

Ай бұрын

@@Tim_ToolMayne_Taylor it’s a real fear of mine. Like red dawn… lol. But as my racing career progresses, we are seeing more digital controls in cars, from tunes to disablers, how can we protect drivers from serious harm. Are these companies actually concerned and implementing extended safety measures? Or is it up to people like David and Sam to save the world?

@OurSpaceshipEarth

Ай бұрын

it's the entertainment systems that are vulnerable in everything (including planes) F1 doesn't even have a cup holder let alone a network stack running onboard:P (actually yes it probably is networked to the pit team ..) hmm

@iam1smiley1

Ай бұрын

If they have access to an internet connection, it's likely possible.

2:40 : Wow! That's cool that he did a lot! Thank you for the video upload David!

Do you recommend a home firewall??? Or just a VPN?

Yup it's been done to my vehicle once...however was able to manage what was done

Hello teacher thank you for a video you are my favourite teacher ❤❤❤

Cracking interview.

How can I test this on my car from your blog? Fully remote lock, unlock, engine start, engine stop, precision locate, flash headlights, and honk vehicles using only the VIN number. What app/device did you use?

I like this guy. He's sharp and knows how the governments can get anyone at anytime if they have a digital paper trail.

I did a scooter hack. Turns out you could use the bluetooth connection while a rider was also using it. I decompiled the app used with the scooters and worked out the commands accepted (including some still in the app but unused). In the end I could use a mobile phone with an app for BLE, to send the command to reset the scooter while someone was riding it. Good fun playing 'knockout the scooter' and getting someone to abandon it.

Thank you

Imagine, if you build an license plate scanner, that does an reverse lookup to fetch the VIN number and auto sends commands to every plate scanned.

do what makes you happy always thank you sam 🤓

The style of the pictures on Sam's blog page reminds me for Jack Rhysider. I think it could be cool if David and Jack make a podcast with each other.

@dawidvanstraaten

Ай бұрын

Jack was on the channel a few years ago.

@istvanbarta

Ай бұрын

@@dawidvanstraatenyeah, you're right, I even saw that video too, but somehow I forgot, thank you! :)

How will I get certified in udemy do I need to write a exam and I have to pay for it or only enrolling the course will give me access to that exam ?

How secure is apples built in vpn. Does it do all traffic. Or just your safari use

good job david 😅

@davidbombal

Ай бұрын

Thank you!

I used to have a 1970 Opel Kadett 1.9L Rallye that was yellow, had the black stripes down the side of the car towards the bottom. It was a "barn find" as it had been sitting outside against a barn for ages. One side was almost perfect and the other side was a smidge bit rusty. It had almost every option for the car you could have including the extra guages on the inside mounted under the dash, and those big old round fog/driving lights mounted on the front of the car. Had i had the time and extra money back then i would have fixed the rust etc and swapped in a boosted V8 lol. Instead someone from New Zealand reached out to me and i sold it to them for an astounding $9500. I havent seen one since. Funny thing was mine was road worthy and even had a bottle of Lead additive for the gas tank lol.

great episode.

For hotels & free wifi we don't need to use vpn, using secure dns with our devices encrypts all of our traffic and they cannot know anything. For win 11 the configuration is out of box and encrypts all dns traffic from computer. Same for mac/iphones, we can easily install profile that configures for all traffic coming out of devices.

All you got to do is change your DNS routing from your ISP to like say cloudflare or something back in the day

@SirPeterlll

Ай бұрын

Maybe back in the day but dont think it matters these days.

Just thought of this idea what if all those self driven cars were hacked and here we go.

You are the best teacher in hacking or tech video love you❤❤❤

@davidbombal

Ай бұрын

Thank you. You are very kind!

Amazing interview 52:24 😊

Sorry to jump on the feed about a post that doesn't relate to this topic but I have a question. When you capture a four-way handshake and that router has WPS can I use crunch to generate a dictionary with pins from 00000000 - 99999999 And do an offline crack with that handshake with the dictionary 🙏🏻

@OurSpaceshipEarth

Ай бұрын

if the router has wpss PIN enabled you can attack that pretty trivially. once you have the passkey you don't ned to h4x0r anything.

@curtisjones1987

Ай бұрын

Thank you so much, you have taught me so much and my knowledge has grown so much. I love your channel and your videos. So a huge thank you 🙏🏻

After the latest news (26/03/2024), maybe the team should check whether you can remotely disable ships after what just happened in Baltimore. A remote anti-piracy measure coupled with google maps and ship tracking website would be rather dangerous. The operator was Maersk.

IoT's and Zigby are the next big hack i think and it's terrifying.

So how do you protect your home without slowing down the internet?

All that's happened to me the last 2 years. Trying to save my own devices. Replaced 2 pcs. Then find out my ISP was compromised and got worse and worse. Can't convince my elder grandparents all this is even possible. It literally just keeps getting worse and worse of a situation for me... too stupid to soak in all this info to put it all together successfully. About to just not have devices. It's sad. Especially when everyone that I reach out to make fun of me because "wipe the drive" is the only solution. Or get told "I know enough to fuck it all up but not fix it" but I had got scammed originally when I called for help. So I've learned, not to ask for help, it sucks to suck, and know everything about what you don't know before you physically try it. Lol.

at the end of the day, if you are connected you can be hacked, just unlucky if you are!

Yes, not only can they reset, turn off modem, they can see your traffic and GBs a second EDIT: No matter the equipment it can be seen.

Does Sam Curry listen to Sam Cook while hacking?

are these vulnerabilities still compromisable or they been mitigated already before the interview?

Good thing I drive stick shift.

What I wonder more is how many of these disclosed vulnerabilities actually patched? PS: Another reason to reiterate if it says smart it's unsafe.

Like the film "Leave the World Behind", there is a scene where a Tesla car is hacked. Will the future be like that?

you really could crash the cars i work on cars if you knew the can bus codes for transmission shifting and the throttle is drive by wire witch means its controlled by the computer that is from a parked position .

Car hacking...how do we protect against that lol

Beating the system one line of code at a time.

What can we do to protect our cars if anything?

@OurSpaceshipEarth

Ай бұрын

Go to your dealer and get your cars radio networking protocols turned off, eg:BLUETOOTH, WiFi, NFC because that will limit your vector exposure to physical access vulns.

@davidd2294

Ай бұрын

Nothing just hope no one hacks you 😂

Q: what right does the US have to arrest you in japan?

Q: Have you read the code? Is there a back door? Can I hack it with rsh,telnet,VPN hacking software, etc. Does it tell you you've been hacked ..lied to you to gain your trust in their software? Also,a lot of software is just recycled and replanted into what appears to be new software!

@davidrussell8795

24 күн бұрын

Are VPNs really secure??

I kinda want to replay watch dogs 2…

i have alredy got the car hacking course 😂

Damn, Omaha isn't THAT small lol

"Like. Like. Like" good "like" interview , "like" keep up the "like" good work.

How Any device imei number trace

Greetings: I am sure glad I havw a vehicle with 2 separate keys and not the new Hi-Tech junk. I said B4 and I will say it aga: technology is leading 2 our demise. Thx 4 the share.

We should not hook cars up to the Internet.

They can still get your info from the vpn company, feels like a bad vpn advert

@grayhatguycompany1074

Ай бұрын

Proton is a Swiss company with associated privacy laws check the T&Cs

Thats good❤

@davidbombal

Ай бұрын

Thank you!

@FreemanAkusun

Ай бұрын

@@davidbombal yo bro I want to learn hacking

Oh Daaam, jay leno time traveled 40 years back and found interest in hacking! wd mate.

Some time reply us too

@davidbombal

Ай бұрын

Not sure what you mean? But, hello!

Yeah 100%

What is behind him!?

@davidbombal

Ай бұрын

You referring to the monitor?

@RichardBaran

Ай бұрын

​​​@@davidbombaloo i see it now. That's the stand. Ha! Thank you. I'm like 40 minutes in and its been driving me nuts. Lol

@RichardBaran

Ай бұрын

Ps. Awesome interview you have some of the best interviews. Your style doesn't treat the viewers/listeners like their dumb unlike a lot of hacker interviews.

@RayHaubrich

Ай бұрын

Looks Like a 21:9 Cinema Display 😊

is this guy a secret love child of Jay Leno? dude has got a head shaped like Jay Leno, he also looks like he stole Jay leno's hair style too

learn from the best

Hi I actually own that car and it makes me really sad lol

It wasn't a mistake at the airport. They targeted you and may have been on a payroll of the gov corps.

Separate network for IOT

So much left to learn just when I think I'm getting somewhere😢

Never gunna buy any car made after 2016!!!

David is that you gov-boi ?

I think he's had a big advantage in the hacking world by growing up with computers and networks and software to hack. People my age didn't have computers to hack until our late teens. I mean, sure you could hack the Doom WAD file. Maybe write a batch file that would delete someone's computer files but networks and viruses just weren't as common. Also, he looks like Jay Leno. Now I have to wonder - who is going to us AI to find and exploit vulnerabilities to attack other nations. I have no doubt it's either in the works or it's being used already. Most likely the big players - USA, Russia, Iran, India, China, NK, Australia, Germany. France and the UK. Hacking into power grids, vehicles, financial institutions. Please somebody h@ck the ATF and IRS and delete everything.

The only VPN I am using is my home VPN server....

Hi

@davidbombal

Ай бұрын

hello!

What about Military vehicle??

porsche, porsche, porsche.... cmon, it's fkn volkswagen #logoland

Do you realize you suggested stealing,train tuckets, or subway tickets! Calgary arrests you for not paying! Your giving tge young newbies ideas!😮