Hackers remotely hack millions of cars! 

Sam and his friends hack Scooters, Routers, Domain Providers and lots of cars: Ferrari, Porsche. BMW, Rolls Royce, Kia and many more! Get Proton VPN for free: davidbombal.wiki/protonvpn3 Big thanks to Proton for Sponsoring the video! // Sam’s SOCIAL// X: x.com/samwcyo Website: samcurry.net/ Blog: samcurry.net/blog/ Car hacking: samcurry.net/web-hackers-vs-the-auto-industry // David's SOCIAL // Discord: discord.com/invite/usKSyzb X: twitter.com/davidbombal Instagram: instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal RU-vid: www.youtube.com/@davidbombal // MY STUFF // www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // Menu // 00:00 - Coming up 00:57 - Proton VPN sponsored segment 01:55 - Sam Curry background 04:11 - Big impact vulnerabilities // "Finding out I was hacked" 11:10 - Sam's blogs 11:40 - Hacking Apple for 3 months 13:57 - Red Teamers vs the law 18:40 - Hacking Ferrari, Mercedes, BMW, etc. 27:57 - The dangers of centralized systems 31:13 - Hacking Tesla cars 34:09 - The real threat of hacked vehicles 37:45 - Taking over TLDs // Vulnerable domains 41:38 - Hacking car manufacture domains 45:15 - Growth in cybersecurity 46:41 - Coming from a small town // More opportunities than ever 48:28 - How to get into hacking/cybersecurity 51:43 - Growing from cybersecurity 53:29 - Connect with Sam Curry // Conclusion Telsa Ferrrari Porsche BMW Mercedes Rolls Royce Kia Flipper Zero car hacking mr robot sdr car cars auto hacking kia hacking ferrari hacking land rover hacking automative hacking hackers hacking a car how to hack a car hacking keyless entry hacking cars wireless car control Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #cybersecurity #hack #hacking

Great interview. My two favorite parts: "it was only available for 10 minutes" yeah right Porsche, and "you might not get arrested" at the end, fun is fun until you end up in jail. We need to make more room for ethical hacking! Sam's work should be celebrated and supported even more than it is.

This has to be one of the coolest interviews so far very fascinating

Currently in a cybersecurity retraining course and this has been very informative. I appreciate the work you do David. Thanks Sam

Such an awesome guest, story, and anything is possible! Happy to hear he was able to see the world! 🎉

Incredible vid David. It is so interesting how taking the time to understand how these RF devices work it can be trivial to compromise.

This was super interesting. The more I watch these videos the more I want to learn.

it's also fascinating how much privacy is taken from us with these systems and no one blinks an eye to question it

Great content as always! Many thanks from a big fan of your channel in Tokyo❤️

That kid spoke words I've never heard before lol. What a fascinating insight as to how these guy's do what they do. Wonderful to listen to.

Both inspired AND jealous, Great interview!

If the manufacturers get self-driving sorted and with that will come a summons feature, you're potentially looking at the thief having the car come to them.

Here in Australia you can find a vehicles VIN number by doing a rego check on the vehicle so you don’t even need to be near that vehicle.

Bro is living his best life.

This is very interesting. I know the ISP I was with over 5 years ago (might be the same one - not sure) could see how many devices were connected) . When I was speaking to them on the phone setting it up she actually told me as she was monitoring my modem / router from the ISP. I can't remember if it was when I was on ADSL

Thank you for your work :)

I remember reading about a security issue in Tesla where an owner that locked/unlocked their tesla via NFC, automatically opened a Bluetooth backdoor on the car as well, and through this door - which remained open for 130 seconds since the (un)lock action - an attacker could register another tesla key for that car, without the car owner receiving any kind of notification about a new key being registered.

Very informative, cant wait for the next podcast/interview!

For hotels & free wifi we don't need to use vpn, using secure dns with our devices encrypts all of our traffic and they cannot know anything. For win 11 the configuration is out of box and encrypts all dns traffic from computer. Same for mac/iphones, we can easily install profile that configures for all traffic coming out of devices.

Great Video David. Keep it coming 😊

Thank you for the quality content. Keep up the good work.

Great video as always!

Really cool interview! But this is the reason I don't want a car with wireless connections that I don't control. And yes, I have disabled the GPS and GMS antenna in my car, making it "offline".

Hell of a young man, especially hearing the last 10 minutes of the interview about his home life growing up.

It's commendable of him to have stayed so down-to-earth after having accomplished so much in so little lifetime.

2:40 : Wow! That's cool that he did a lot! Thank you for the video upload David!

The other day I saw a video about COX and how they were hacked. A basic flaw in their API or something like that. A developer found it and reported to them... it took them about 3 months but the vulnerability seems to be fixed now... and the guy who found it finally went public with the disclosure.

He said fascinating about 50 times, and it actually was fascinating what followed... 😅 loved it!

Fantastic interview! Thank you

Great interview David

Probably the most alarming video I've seen you post. And wow, do I feel inadequate now.

So freaky. I race cars every day, could you potentially see teams/people hacking other cars, say f1? Gt3? Maybe even NASCAR? Etc..?

Yup it's been done to my vehicle once...however was able to manage what was done

Welders are the same way, we make welding look easy. Then whenever someone tries it. They find out how hard it is.

Good thing I drive stick shift.

Imagine, if you build an license plate scanner, that does an reverse lookup to fetch the VIN number and auto sends commands to every plate scanned.

Hello teacher thank you for a video you are my favourite teacher ❤❤❤

People think I'm crazy and paranoid when I talk about the possibilities like this. Crazy a little but paranoid no, just simply observing how things are and coming up with scenarios in my head for how they could be exploited.

Yes great debate material for electric vehicles

I like this guy. He's sharp and knows how the governments can get anyone at anytime if they have a digital paper trail.

All you got to do is change your DNS routing from your ISP to like say cloudflare or something back in the day

What about if you have your ISP’s modem set to bridge mode, is that more secure? While it doesn’t have an ip address itself my IPS can still stuff to it by connecting to its MAC address which it uses to authenticate that modem/router on their network. Like reset it or update it.

I did a scooter hack. Turns out you could use the bluetooth connection while a rider was also using it. I decompiled the app used with the scooters and worked out the commands accepted (including some still in the app but unused). In the end I could use a mobile phone with an app for BLE, to send the command to reset the scooter while someone was riding it. Good fun playing 'knockout the scooter' and getting someone to abandon it.

There is a key for every lock. You can't make anything theft proof but you can make it difficult. My Tesla requires a PIN number in order to drive it. The automakers don't put that feature in their cars because lots of cars are stolen and shipped out of the country which means more business for the automakers. This was actually on 60 minutes. So I enabled the PIN number security to drive my Tesla.. Of course the pin number is stored somewhere and most likely a hacker could access it, but that would prevent 95% of the thefts.

good job david 😅

Cracking interview.

The style of the pictures on Sam's blog page reminds me for Jack Rhysider. I think it could be cool if David and Jack make a podcast with each other.

How can I test this on my car from your blog? Fully remote lock, unlock, engine start, engine stop, precision locate, flash headlights, and honk vehicles using only the VIN number. What app/device did you use?

Thank you

I just watched a video the other day about the same thing with cox! he said he found out the same way too!!

After the latest news (26/03/2024), maybe the team should check whether you can remotely disable ships after what just happened in Baltimore. A remote anti-piracy measure coupled with google maps and ship tracking website would be rather dangerous. The operator was Maersk.

great episode.

How secure is apples built in vpn. Does it do all traffic. Or just your safari use

How will I get certified in udemy do I need to write a exam and I have to pay for it or only enrolling the course will give me access to that exam ?

IoT's and Zigby are the next big hack i think and it's terrifying.

do what makes you happy always thank you sam 🤓

Do you recommend a home firewall??? Or just a VPN?

imagine how pro you're that an APT group hacks your home router :)

Amazing interview 52:24 😊

Just thought of this idea what if all those self driven cars were hacked and here we go.

I want a new Vehicle less and less these days. I defensively do not want a vehicle with a key-less start or that is connected to a network. I am happy with my now older vehicle with a Key, basic controls and a Manual Transmission. I am very disappointed in the Auto Industry for not offering an option for a Simple Basic Reliable Automobile that is not connected and that does not have a Infotainment System. No Sail as far as I am concerned. I want options for something that I am potentially paying thousands of dollars for.

Does Sam Curry listen to Sam Cook while hacking?

We should not hook cars up to the Internet.

Yes, not only can they reset, turn off modem, they can see your traffic and GBs a second EDIT: No matter the equipment it can be seen.

All that's happened to me the last 2 years. Trying to save my own devices. Replaced 2 pcs. Then find out my ISP was compromised and got worse and worse. Can't convince my elder grandparents all this is even possible. It literally just keeps getting worse and worse of a situation for me... too stupid to soak in all this info to put it all together successfully. About to just not have devices. It's sad. Especially when everyone that I reach out to make fun of me because "wipe the drive" is the only solution. Or get told "I know enough to fuck it all up but not fix it" but I had got scammed originally when I called for help. So I've learned, not to ask for help, it sucks to suck, and know everything about what you don't know before you physically try it. Lol.

Like the film "Leave the World Behind", there is a scene where a Tesla car is hacked. Will the future be like that?

So how do you protect your home without slowing down the internet?

at the end of the day, if you are connected you can be hacked, just unlucky if you are!

You are the best teacher in hacking or tech video love you❤❤❤

Sorry to jump on the feed about a post that doesn't relate to this topic but I have a question. When you capture a four-way handshake and that router has WPS can I use crunch to generate a dictionary with pins from 00000000 - 99999999 And do an offline crack with that handshake with the dictionary 🙏🏻

What I wonder more is how many of these disclosed vulnerabilities actually patched? PS: Another reason to reiterate if it says smart it's unsafe.

Q: what right does the US have to arrest you in japan?

Is there a way to retrieve any logs for remote interference? Someone (GK) turned my Reverse mode to Drive mode. Excellent work 😂

you really could crash the cars i work on cars if you knew the can bus codes for transmission shifting and the throttle is drive by wire witch means its controlled by the computer that is from a parked position .

are these vulnerabilities still compromisable or they been mitigated already before the interview?

Greetings: I am sure glad I havw a vehicle with 2 separate keys and not the new Hi-Tech junk. I said B4 and I will say it aga: technology is leading 2 our demise. Thx 4 the share.

I kinda want to replay watch dogs 2…

To sa ti pri kolobežke stať nemôže 😂😂😂

So much left to learn just when I think I'm getting somewhere😢

By the way Capone was indicted 6 times 😅

Beating the system one line of code at a time.

My 2021 Jeep Cherokee Latitude Plus was hacked every nanosecond of my day for I am targeted and have been for 6 plus years now.

Damn, Omaha isn't THAT small lol

Q: Have you read the code? Is there a back door? Can I hack it with rsh,telnet,VPN hacking software, etc. Does it tell you you've been hacked ..lied to you to gain your trust in their software? Also,a lot of software is just recycled and replanted into what appears to be new software!

Oh Daaam, jay leno time traveled 40 years back and found interest in hacking! wd mate.

Hi I actually own that car and it makes me really sad lol

What can we do to protect our cars if anything?

Car hacking...how do we protect against that lol

Some time reply us too

is this guy a secret love child of Jay Leno? dude has got a head shaped like Jay Leno, he also looks like he stole Jay leno's hair style too

Separate network for IOT

That is not true about degrees. I’m 31 out of work with knowledge in Networking, server deployment and I can’t get a job why? Because everyone wants a piece of paper with maths and English grades. I have learning support and ADHD I’m stuck on social security out of work. Employment people wants maths and English. I have qualifications in Networking but due to my learning support I have no Job. No one is interested.

i have alredy got the car hacking course 😂

Never gunna buy any car made after 2016!!!

What is behind him!?

It wasn't a mistake at the airport. They targeted you and may have been on a payroll of the gov corps.

They can still get your info from the vpn company, feels like a bad vpn advert

David is that you gov-boi ?

learn from the best

The only VPN I am using is my home VPN server....