Capabilities of Hackers, Tools Hackers use, and 5 Things You Can Do To Protect Yourself
Summary
TLDRIn this engaging script, the speaker demonstrates the potential for everyday devices to be hacked, from Wi-Fi networks to cars and even airplanes, using a variety of tools and techniques. The conversation delves into the vulnerabilities of modern technology, the risks of data breaches, and the importance of cybersecurity. The speaker also provides practical advice on how individuals can protect themselves from such threats, emphasizing the need for vigilance and the use of security measures like password managers and RFID-blocking wallets.
Takeaways
- 🛡️ Wi-Fi networks can be compromised; it's illegal to create fake networks, but it's possible to do so to steal passwords and data.
- 🔒 Always be cautious of phishing emails, which can appear legitimate but are used to steal credentials.
- 🚗 Be aware of potential car theft through key frequency jamming or garage door remote code capturing.
- 🏠 Devices in your home, such as smart appliances, can be vulnerable to hacking, even if they have no apparent reason to connect to the internet.
- 📱 Credit card information can be stolen through NFC skimming, so be vigilant when making transactions.
- 🔋 Many everyday devices with remote connections, such as TVs, projectors, and audio devices, can be hacked if they have a battery and reach outside the device.
- 💻 Wireless keyboards and mice can be vulnerable to attacks that control the devices remotely, sending keystrokes faster than a human can type.
- 🔑 RFID and NFC technologies are used in access control and credit cards, but they can be cloned or manipulated if not properly secured.
- 🛒 Online shopping and browsing habits can be tracked and used for targeted advertising, potentially compromising privacy.
- 🔒 Use a password manager, antivirus software, and consult with cybersecurity experts to protect personal data and devices.
- 🚫 Be cautious with websites and avoid clicking on suspicious links or opening files from untrusted sources to prevent malware infections.
Q & A
What is the speaker demonstrating with the small antenna?
-The speaker is demonstrating the ability to receive signals from airplanes, which is not illegal, but warns that transmitting could be problematic.
What is the primary concern with the devices mentioned in the script?
-The primary concern is that many devices with remote connections are hackable, and the speaker discusses various ways these devices can be compromised.
What is a phishing email and how can it compromise a user?
-A phishing email is a fraudulent email that appears to be from a legitimate source but is designed to steal the recipient's credentials or personal information.
What is the risk associated with car key frequencies and garage door openers?
-The risk is that someone could capture the frequency and use it to steal the car or gain unauthorized access to the garage, as some models' rolling codes have been broken.
What is a 'man in the middle attack' and how does it work?
-A 'man in the middle attack' is a type of cyber attack where the attacker intercepts communication between two parties, potentially altering the content or stealing information without either party's knowledge.
What is the purpose of the 'Flipper Zero' device mentioned in the script?
-The 'Flipper Zero' is a device with custom modifications that can perform various hacking tasks, including creating fake Wi-Fi networks and intercepting data.
What does the speaker suggest as a precaution against hackers for wireless keyboards and mice?
-The speaker suggests using wired keyboards and mice as a precaution, as many wireless devices are vulnerable to hacking.
What is RFID and how can it be exploited by hackers?
-RFID (Radio-Frequency Identification) is a technology used in access control badges and other devices. Hackers can exploit it to clone badges or gain unauthorized access.
What is the potential risk of devices connecting to foreign servers?
-Devices connecting to foreign servers could be at risk of having their data intercepted or manipulated, potentially leading to compromised security and privacy.
What are some simple steps people can take to protect themselves from hackers according to the script?
-Some steps include using a password manager, installing antivirus software, consulting with cybersecurity experts, using RFID blocking wallets, and being cautious with website visits.
What is the significance of zero-click exploits and how do they differ from other hacking methods?
-Zero-click exploits are significant because they do not require any user interaction to infect a device. They are more dangerous as the user is unaware of the compromise and cannot prevent it.
Outlines
🔒 Daily Cybersecurity Threats and Prevention
The speaker discusses the omnipresence of cybersecurity threats in daily life, from potential Wi-Fi hacking to phishing emails and car key signal jamming. They demonstrate the creation of fake Wi-Fi networks as an example of how data can be intercepted. The paragraph emphasizes the importance of vigilance and the potential for hacking into various devices, including remote controls and access control badges, highlighting the flipper zero device with custom modifications as a proof of concept for such vulnerabilities.
🛰️ Advanced Hacking Techniques and Device Vulnerabilities
This section delves into more sophisticated hacking methods, including creating fake Wi-Fi networks to intercept user connections, manipulating wireless mouse and keyboard signals, and exploiting RFID and NFC devices for unauthorized access. The speaker mentions the flipper device's capabilities with custom firmware, detailing its uses in hacking various technologies, such as wireless keyboards, car keys, and access control systems. They caution against underestimating the device's potential and the need for proper knowledge to use it ethically.
✈️ Exploiting Aircraft Communications and Everyday Devices
The speaker explores the possibility of hacking into aircraft communication systems using ADSB technology, noting the illegality of transmitting false information. They also discuss the vulnerability of everyday devices like vacuums and mops that connect to servers, potentially allowing for unauthorized control. The paragraph raises concerns about the origin of electronic devices, particularly from China, and the potential risks of data collection and manipulation by foreign entities.
🛡️ Simple Security Measures Against Cyber Threats
The speaker provides practical advice on protecting oneself from hackers, such as using a password manager, installing antivirus software, consulting with cybersecurity experts, and employing RFID blocking wallets. They also stress the importance of being cautious with website visits and recognizing potentially unsafe sites. The paragraph concludes with a discussion on the prevalence of spam calls and texts, the potential risks they pose, and the difficulty of defending against zero-click exploits that do not require user interaction.
Mindmap
Keywords
💡Hacking
💡Wi-Fi
💡Phishing
💡Frequency Jamming
💡Man-in-the-Middle Attack
💡DNS Attack
💡NFC
💡RFID
💡Zero-Click Exploit
💡Password Manager
💡Antivirus Software
💡RFID Blocking Wallet
💡Key Fob
Highlights
Discussion on the potential to create fake Wi-Fi networks to steal passwords and intercept data.
Explanation of how to secure against phishing emails and the importance of verifying the sender's identity.
Vulnerability of car key frequencies to jamming and unauthorized access to vehicles.
Risks associated with garage door openers and frequency capture on 433 megahertz.
The potential for credit card information theft through proximity to a person at a school.
Hacking capabilities of everyday devices like TV remotes, projectors, audio devices, and ceiling fans.
Introduction to the flipper zero device and its custom modifications for various hacking purposes.
Demonstration of creating fake Wi-Fi networks and the risks of connecting to them.
Man-in-the-middle attacks in public places like airports and the risks of using public Wi-Fi.
The security of Gogo Inflight Wi-Fi and the measures taken to prevent hacking.
Techniques to hack into wireless mice and keyboards, emphasizing the risks of unsecured devices.
The flipper zero's ability to perform RFID and NFC attacks on access control badges and credit cards.
Listing various devices that can be hacked using a single device, emphasizing the breadth of potential vulnerabilities.
The flipper zero's capability to brute force PIN codes on devices like jukeboxes for full control.
Concerns about the security of electronics, particularly those manufactured in China, and potential backdoors.
The value of data collection for targeted advertising and the risks of smart devices connecting to foreign servers.
Recommendations for protecting oneself from hackers, including using a password manager and being cautious with websites.
Discussion on the prevalence of spam calls and texts, and the potential risks associated with opening them.
Explanation of zero-click attacks and the impossibility of defending against them once deployed.
Transcripts
I'm not gonna hack your Wi-Fi but I'll
give you a little example of what I
could do so all of these networks here
they probably appear to be legitimate
right it's very illegal to do that of
course but if I wanted to go outside
right now I could even demonstrate later
for you you know I pull this antenna out
this is just a small antenna and we
could receive airplanes see where
they're at there's nothing illegal about
receiving them transmitting is where it
gets a little bit funky
man you are a dangerous man
let's go through all the things that you
personally could have if you wanted to
um I mean there's it's countless but I
could give you some major daily things
uh absolutely let's talk about some of
the devices those devices you have right
here let's talk about all the stuff you
can hack into sure and then and then
we'll get into maybe how we can prevent
that a little bit so I guess we'll just
start with a daily routine you know you
wake up in the morning you uh you make
your coffee or maybe you take your phone
off the charger and you um you check
your phone in the morning you might you
might check your email you might have
you got to make sure you every email
that you have while you're half asleep
is coming from a real person it's not a
phishing email someone pretending to be
a company that they're not stealing your
credentials then you go outside to your
garage you get in your car and you have
to make sure that there's nobody out
there listening for your you know your
car key frequency while jamming your car
so that they could steal your car later
or access your car later and then when
you go hit your garage door button that
somebody doesn't capture that frequency
on 4 33 megahertz and uh and you know
and those rolling codes have already
been broken for most of the models
um so then you get in your car and
you're driving to uh to to your office
or to your kids school doing whatever
you want and um
you know you could get out you let your
kid out to school and now somebody as
you walk into school just skimmed your
back pocket and stole your credit card
information
so I mean all of that plus you know any
anything remote infrared like a TV
remote that goes for projectors uh audio
devices ceiling fans I mean very simple
stuff uh along with Access Control
badges anything sub gigahertz like like
key fobs or remote controls for anything
um parking Gates
so much everything everything I mean
everything anything with a battery and a
connection a remote connection in any
type of way where it reaches the outside
of that device is hackable or has been
hacked
what are these devices here
this is a water bottle
so this right here is a this is a
flipper zero with some custom
modifications
and uh it does a lot so this is just a
proof of concept device but when you
start to add your own little editions
onto it like this
um
let me uh let me enable for example
Wi-Fi I'm not gonna hack your Wi-Fi but
I'll give you a little example of what I
could do
I'll just do something stupid but
okay and then we'll do I'm not gonna
shut your network down
okay so now if you if
I can show you on my phone or you could
look at your phone but you'll see that
instead of me mirroring your network I
just created a bunch of fake Networks
so all of these networks here
they probably appear to be
legitimate right
yeah
but they're not these are all fake
networks they're all powered by me so as
soon as you connect to any of those I
have your password I have anything in
between
so that's that's one thing that's just
Wi-Fi and you just oh man
so this is so this is is this how people
are
stealing information
this is one of them anyways in in an
airport
in an airport oh yeah I mean airport
Starbucks
um when you uh it's called a man in the
middle attack so if I'm on the same
network as you I can essentially control
the traffic
uh you know as if I was the modem or
router so instead of when you type
google.com instead of your computer
telling the router you want google.com
you're telling my computer you want
google.com and I'm giving you what I
what I'm telling you google.com is
so it would be called a DNS DNS attack
so is this what people are using in the
airports when there's I'm not the
specific device this is just something
that I concocted together but the
flipper you can buy this thing on the
top here is is uh custom
I guess what I'm asking is this the
method they throw so could you can so
let's what does um would like Wi-Fi
flight or uh Gogo Gogo inflate yes
they're actually I mean you can
obviously you can hack anything but GoGo
inflate they they have a pretty good
segment on their Network so you're
pretty safe with GoGo uh you there's a
chance of getting hacked but not the
same as like a Starbucks or a or here
like you know your network has to be
segmented into chunks okay and uh go go
segments it pretty well okay I guess
what I'm saying is because you create a
fake Wi-Fi network with that thing that
says
go go
in Flight one yeah that must be it I can
do that here I mean it's a I can make
any any they're called as bssids ssids
the name of a network
you could do that with any name but
instead of that what you do is you just
scan the local area
and then you know I know all the
networks names around here and then I'll
Target all of them at the same time so
that that way anyone in this complex or
where we're at
um you know anyone that connects to a
network is going to you know think it's
their Network and they're going to
connect to me instead
holy that's just one of many Wi-Fi
attacks so there's many ways yeah what
else can this thing do oh this thing's
like the size of the palm of your hand
yeah well with this with this little you
know custom extension especially when I
have my big these aren't the big
antennas but I got big antennas because
you know I want to get long range but uh
you know that's Wi-Fi this this side of
things is also Wi-Fi but uh also it's an
NRF uh 24 so it does Wireless mice and
keyboards so if you use a wireless mouse
and keyboard not every single one of
them is vulnerable a lot but a lot of
them are I'd highly recommend you go
back to wired even though it sounds old
school that's what you should do because
I could control your mouse and keyboard
with this device and send keystrokes way
faster than you can type them and uh
take over your computer without even
having to see you or it so I could do
that through the wall
um
this is scaring the out of me
um and then I you know I the sub
gigahertz stuff with bigger antennas of
course I can go further away so with the
car car keys garages Gates anything
that's on radio frequency I could do
with this
um RFID that's Access Control badges for
doors and and pool Keys you know
anything that has like a little beeper
where you beep into the the door yeah
and NFC is credit cards and access
control and it does also some more
things too you could also like I could
tap your phone and give you my Instagram
or tap your phone and give you my
business card so NFC is a little more uh
versatile than RFID but they both
essentially are uh I believe it's called
passive uh devices they're powered by
the uh the receiver
they don't have a battery in them so
what let's just run through just a list
of all the things you can hack with that
one little device
I mean I don't want to make it into an
ad about flipper because it's not
flipper itself like I'll tell you but
I'm just saying that flipper itself if
you're gonna go online and buy one of
these and expect to be able to do
everything that I'm talking about you
need to have custom firmware or software
whatever you want to call it
um that allows you to do that and you
need to know how to modify it so don't
go out spending 180 on this device
thinking you're going to hack somebody's
car or steal their credit card because
that's not gonna happen
um but if I if you want to go down the
list
I mean there's a ton of things there's
like you know all the radio things I
just told you about
um the RFID stuff the NFC which is the
credit cards and and more infrared which
is TVs projectors and many other devices
gpio which is just anything that
connects to the outside of this device
so I can make devices work and this be
the controller for it uh I button which
is a form of authentication that uses
um these things these little metal
prongs as a key
uh bad USB which emulates a keyboard
types like you know a couple thousand
words a second wow or I'm sorry a minute
I'm sorry a thousand words a couple
thousand words a minute
uh and then it also has some use cases
that aren't hacking like uh two-factor
authentication this is a you know
offline device where you can generate
your two Factor without needing a device
that's connected to the internet
so it does that too and then there's a
ton of other sub applications that are
on here like hundreds of them that do
little little things so a lot just with
this one device this thing
you know it it does just radio but it
does a lot more than this thing really
yeah what does that one do this one you
can hack airplanes with I mean that I
mean that's an extreme but that's
something that you can actually
accomplish with this using adsb
um you can choose to either receive or
transmit
um so you can choose either receive or
transmit adsb with this device and
that's the frequency to tell a plane you
know this call sign position and and
more and um it's very illegal to do that
of course but uh if I wanted to go
outside right now I could even
demonstrate later for you think you know
I pull this antenna out this is just a
small antenna
um and we could receive airplanes see
where they're at there's nothing illegal
about receiving them
um transmitting is where it gets a
little bit funky you know uh but yeah
adsb this one does a lot I
something like a joke for example Touch
Tunes they're at a bar their little
jukebox machine Duke box machines that
you pay for yeah this device uh Brute
Forces them meaning goes through zero
zero zero to 999 looking for a PIN code
and once it gets it I can fully control
that jukebox like like I have like I'm
the owner of it so you know just just
for fun or Subaru car some some years of
Subaru I have this pre-programmed that
can unlock and unlock unlock and lock a
Subaru no problem
um I could do that with this as well but
this thing way stronger bigger range way
more support way more programs out there
this device is a lot more dangerous in
my eyes than that device really yep
man you are a I think if this is the
fifth time I've said it I think you are
a dangerous man but well I'm safe safe
you know ethical you could be if you
wanted to be I'm trying to go into
detail about these things just for the
just for the Nerds out there like me
that are listening I'm not going into
exhaustive detail about these devices
because most people are not going to
care so I'm just giving the general
overview oh I think I think they're
gonna care when they realize how
vulnerable they are no I don't mean they
don't care about what what they can do
but they care about the technical
specifics yeah
we get a lot of our we pretty much
everything that we have is from China
okay you know all of our Electronics
everything it all what do you say 90 of
it probably comes from China do you
think
we need to worry about what they're
putting in our Electronics
uh yeah yeah I mean I'll give you one
example I bought this awesome vacuum and
mop that's in one it's a All-in-One
Vacuum out called tinico and uh it
completely connects to a Chinese server
to uh to transmit and receive
information like I made it I made a joke
out of I actually have a video of it
where you could turn the audio on for it
like when you plug it in it says
charging started charging stopped like
when you put it on and off I can control
that with my computer through a Chinese
Cloud Server there's no reason that that
vacuum and MOB should connect to a
Chinese cloud
uh Cloud infrastructure whatsoever but
uh it does and at any point they could
change the way that functionality works
and take over my home network with this
vacuum mop
so are you serious with a vacuum mop yep
how many devices do you think has have
these things in them
anything with a Wi-Fi connection that's
you know not ever not everything's going
to be
China beaconing back and forth but
anything with a Wi-Fi you know anything
with Wi-Fi capability is going to open
up you know an attack vector washing
machines refrigerators just oh what is a
vacuum mop I don't know Wi-Fi capability
I'd love to tell you it's uh I have I
have the video I could show you I could
find it sometime but it's a I have that
and then I have the app I could show you
I can adjust the volume I can check when
the last time I used it doesn't need to
be cleaned does it you know it tells you
all that stuff but it's using a Chinese
server that I can control from my
computer now that I've captured the
traffic between the mop and the server
how many devices do you think we have
that are connected to a Chinese
server and what would they be getting
out of it
I mean it's all about data nowadays so I
mean I think that data is the most
important thing to them because it's
worth money and uh advertising dollars
or or would be spent better for you know
with targeted demographics so I think
that they're using that information to
Target you on the stuff that they that
you need you know if you or someone that
you love is looking up something
obviously Google's going to figure out
uh how to Target you on that on that
thing and then sell that data to other
people and they go they call it
retargeting whereas if they have access
to your direct Network and they can see
you know things that you didn't even
fully like search out or you're typing
on a different application like a chat
application where you're not even
searching about you're just talking
about it that data is very valuable
because they know about something before
Google does or somebody some other large
data broker
interesting
what are what are five simple things
that people can do to protect themselves
from from hackers
use a password manager
um install an antivirus or consult with
an I.T company that has cyber security
expertise or a cyber security company uh
one of one of those many options but
talk to somebody unless you're an expert
yourself
uh use an RFID blocking wallet uh and
potentially if you want to be extra safe
use a key fob that has an RFID shield on
it that way your key fob doesn't work
outside of that Shield can't be cloned
some cars require you know top to start
so you know use something like that uh
be careful with the websites that you're
visiting if the browser is telling you
the site looks unsafe then it's probably
unsafe and if uh you know if you're told
otherwise make sure who who's telling
you otherwise is legitimate
and
you know just be careful I mean just use
your common sense if something looks too
good to be true it probably is okay what
about we're we live in a day and age
where you're getting spam calls every
five minutes you're getting spam text
every five minutes and a new marketing
emails coming in every two minutes it's
I mean it's ridiculous
do we need do we need to worry about
that stuff if I open a text
could I be hacked just from opening the
text technically yes I mean like I said
earlier the zero click attacks that
they're willing to pay a ton of money
for there's government agencies that
already have them you know that there
was one going around for uh quite a long
time
uh there was one going around for quite
a long time called Pegasus and then
there was another one called Pegasus 2.0
and it didn't require any user
interaction from you know from anyone
you would just send to a phone number
they'd have full remote access to your
phone even without opening the text
without opening anything
holy how do you defend against
something like that yeah you can't
there's no there's no way to Defenders
that's why they're so valuable because
there's nothing you can do
how do most hackers get in do you have
to click a link
yeah yeah I mean sometimes it's a link
sometimes it's a file sometimes it's a
photo sometimes it's a chain of exploits
of multiple things that turn into it it
could be a Word document it could be
anything
um when it comes to zero days and zero
click exploits it's uh it doesn't
require any user interaction and you
will not know that your phone's infected
hey everybody I'm Sean Ryan click here
to subscribe to the Sean Ryan Show
YouTube channel for the hottest and most
compelling interviews that you will not
see anywhere else I've also made a
playlist of all the previous SRS
episodes so they're easy to find you can
find that
right here
Weitere ähnliche Videos ansehen
Cellphone Surveillance Explained - Stingray/IMSI Catchers
Der unsichtbare Krieg | Doku HD | ARTE
8 Most Common Cybersecurity Threats | Types of Cyber Attacks | Cybersecurity for Beginners | Edureka
¿Cual es el SO de Movil más seguro? Android vs iOS
"Hack ANY Cell Phone" - Hacker Shows How Easy It Is To Hack Your Cell Phone
CompTIA Security+ SY0-701 Course - 2.4 Analyze Indicators of Malicious Activity. - PART B
5.0 / 5 (0 votes)