How Hackers Steal Card Info, Just by Standing Nearby
VloĆŸit
- Äas pĆidĂĄn 26. 03. 2020
- Thanks to Ring for sponsoring this episode! Visit ring.com/home to make your home safer!
đĄ -------------- accreditation -------------- đĄ
You crafted a Bag of Holding, but you didn't get it *quite right*. It doesn't actually have space for any physical items, but it can contain effectively unlimited data. You can't really choose what it grabs though, it just sort of perpetually Kirby's information into its gob from a foot radius out in all directions. Oh and it's also cursed, every time it collects data you forget something.
------------------------------------------------------------------------------
Unedited footage for this video ($5+ patrons):
/ 35373584
------------------------------------------------------------------------------
Many thanks to Dev and Babak for showing us this really neat tech. You can find more from them at
redteamalliance.com
------------------------------------------------------------------------------
Additional Information
Check out our playlist of all the times Dev & Babak have been on the show
âą Guest: Red Team Alliance
------------------------------------------------------------------------------
Music used in this video:
"Me 2 You" by qstn
chillhop.bandcamp.com/track/m...
"Yes Please" by Tane
chillhop.bandcamp.com/track/y...
"Breakfast" by Monma
chillhop.bandcamp.com/track/b...
Most of the music from the show: bit.ly/mrspotify
------------------------------------------------------------------------------
Post-production powered by Doghouse Systems
doghousesystems.com/v/rogue/
Use promo code âROGUEâ and get a free 250gb SSD now!
------------------------------------------------------------------------------
This video was made with the help of:
Brian Brushwood - host -- / shwood
Jason Murphy - host -- / captainmurphy
Brandt Hughes - camera operator (ep) / editor -- / gatowag - / gatowag
Bryce Castillo - live audio engineer (ep) -- / brycas
John Rael - camera operator / live audio engineer (ad) / editing assistance (ad) -- / skepticallypwnd
Annaliese Martin - camera operator (ep) -- / amuseliese
Deviant Ollam - guest -- / deviantollam
Babak Javadi - guest -- / babakjavadi
Christina H. (Rev) - first draft of english captions
------------------------------------------------------------------------------
Our Mailing Address
Modern Rogue
539 W. Commerce #1975, Dallas TX 75208
------------------------------------------------------------------------------
Scam Nation: / scamschool
Patreon: / modernrogue
Discord (patron reward): / discord
MR Articles: themodernrogue.com
Outtakes & BTS: / scamstuff
Subreddit: modernrogue.reddit.com
Merch: scamstuff.com
Twitter: / modernrogueshow
Instagram: / modernrogueshow - ZĂĄbava
Have you see a bump key in action? With just a few taps, you can get into some of the most common locks! Check them out in this video: czcams.com/video/WpH_t0u5Ybg/video.html
Weâre giving away our original Bump Key sets to three winners of this weekâs free giveaway. Just sign up at gimme.scamstuff.com and you could win (no purchase necessary, giveaway ends 4/2/2020)
Congrats to the winners of last weekâs Wallet Lock Pick sets: Mike Joe, Zach Barlow, Zechariah Brooks, Matthew Bailey, Jude Matthews, Alice Janae, and Isaac Enrique (we will contact you via email within the next two weeks)
have you seen* :o
So we're just gonna ignore that they took a Ring sponsorship on a video about protecting your personal information?
change the beep to a discord ping and say you forgot to close discord, much more acceptable
Promoting ring camera is a very bad look.
2 dudes, chilling in the elevator, 6 feet apart cause they want to keep their credentials safe.
they are also socially distant because that's responsible
18 sweaty naked cowboys at Ram Ranch.
Social distancing
Tickleshits US marines are gonna fuck some ram ranch cowboys
also covid-19
The Modern Rogue: The leading channel for aspiring criminals since 2016.
"I've been watching the modern rogue since 2016, and already stole 2 mil. These guys are genius"
The Modern Rogue + LockPickingLawyer :)
Teaching Rogues you might day say
Or you could one of the many mega torrents on the internet that contain 100s of gigabytes of information on doing everything from making an explosive to what these guys are doing to getting near "perfect" op-sec.
@@kermit8173 really? Where can i get the link
Wishlist item: Counting Cards. A modern rogue DEFINITELY should have that skill mastered.
YES.
Definitely man/girl.
There's plenty of tutorials about this online. The act of counting cards itself is exceptionally easy, what takes hours of time and practice is to be able to count cards without getting caught.
For anyone who's curious about blocking RFID, I have a video coming out on Monday about that topic. ;-)
And who are you?
@@hahahahaha6066 heh, i'm the guy in the episode, brother. =)
@@DeviantOllam lmaoooo
didn't realize you had a youtube channel. time for a binge watch!
Does it involve going to woolies and buying some foil
LOL
I'd like to know what the Red Team Alliance people think about Ring devices.
I love the shot at the end of Brian running away while the reader beeps wildly as it grabs the cards of everyone in the studio.
Modern Rogue: The True Outlaws Channel
run by an Alliance of Thief-bots, Cyborgs, Wizards and Ninja Knights XD
Guys, calm down. People are practicing social distancing so we are safe and no one can steal our credentials.
Unless someone starts planting them under chairs. Or Places where people tend to lean on. Hackers always find a way. You shouldn't worry about it anyways. Its your bank that pay for it not you.
@@gladimirsavinon104 thatâs fricking SMART
Only sheeple practice social distancing.
Or you can just go to the mall or Walmart and stand bye prople
oof
That's not exactly a brilliant sponsor, especially considering the actual content..
My thoughts exactly
also especially considering the lax security of amazon/ring as a company
Ring is an enormous security risk, and i prefer my privacy not be invaded, bad sponser for the content of the video.
Phillip Bertram meaning it can be hacked easily?
@@jacklondon8845 Correction: not can be... Has been hacked in the past
@@mattias2792 please explain how here or through email..
Do you have Facebook? Google apps or Google phone? Use anything Google, apple or Samsung? Then your information is already compromised. He'll your information is sold to hackers. Your welcome
Ring as a sponsor? The company who likes to market it's users to police as informants? Come on, guys.
Yeah, that felt really gross to me too.
Not sitting right with me either, they have to be aware...
What's happening?
Team up with Linus Tech Tips to make a homebrew setup. Would be a good video for both channels.
In case anyone doesn't know what I'm referring to, here's Ring's laundry list of issues.
www.techdirt.com/blog/?company=ring
Thank you so much for still making videos during this time this is exactly what everybody needs not stealing people's credit cards but the entertainment
You would say that
I've loved all of these collaborations with Deviant. A great addition for future video would how to detect when someone is trying to run this sort of brush pass attack on you, so you can publicly call them out on it, or determine their affiliation. Or, how to constantly give off false credentials to anything that's not a recognized reader (sort of like keeping a fake wallet with a couple dollars in it while you're traveling, so that the pickpocket takes that and leaves you alone).
I'm already looking forward to being back. It's a shame that I wasn't making my usual trip to Austin in the spring. Was hoping to see everybody. Miss you all! :-)
"It's gonna feel like you're at home all the time" was this recorded pre-plague?
Made me chuckle while I eat my lunch... while working... from home...
@@nymalous3428 Thanks, I'll be here all week. Probably longer.
Definitely. It's prerecorded.
6:47
This so far is the best morning since I legit JUST sat down at my computer to see another Rogue post!
7:04 Brian's right, also his reaction to the "greedy robot" đ I love this channel
In today's episode, more talk about data security. BUT FIRST, WE'D LIKE TO THANK OUR SPONSOR: RING! lmao
(if you aren't aware, Ring is working with LE agencies and adding facial recognition to their software, and they have a notoriously hideous history around data security)
cerg thought the same thing.
That's the least of the problems as far as I'm concerned. Amazon/ring employees have been reported to have accessed user data improperly and with little to no restriction. Even if you assume govt. and police are entirely benevolent, you can't say the same for Jo Public, so failing the "bitter ex test" is a bigger deal in my eyes.
My sleep deprived mind NEEDS to know how to steal someone's information
well Gee , don't narrow it down or anything like that !
it's easy to steal people's information
but its' a question of WHICH INFORMATION
What are the requirements
I do not want to see the end of these guys series. I love them and their equal parts malicious and totally badass knowledge of this sort of tech.
đđ
Damn too bad social distancing is in place.
They can put it on chairs
Please keep these videos coming! I love seeing all these hacking/penetration videos! some of my favorites! And thanks for keeping these coming during these times!
Perfect camouflage is to install into 1 side of a hard shell brief case. Not simply inside but mounted flush with the exterior, as not to impact range.
It's always nice to see a Modern Rogue video in the feed
Suprised this video is 4 yrs old and I'm just now seeing it. Deviant taught me that social engineering is always the best vulnerability to exploit, but he's also the reason i still carry my dk 16120 and linear 222343 keys....also the reason I think that spewing whiskey through the gap in the doors of a bank lobby at 2am to trigger the reauest-to-exit motion, releasing the door lock, and then taking a bow is one of the coolest things ever
Sorry, not gonna have anything to do with Ring. Shifty company, shifty practices.
Jup, sounds a lot like watching with someones webcam x1000, + here is the history if you missed anything
I find it funny how they talk about hacking. Then go over to ring. Which was outed a while ago as one of the leakest big scale tech companies out there
Kinda ironic given the topic of the video.
Wasn't there a thing where any amazon/ring employees could access any ring camera without authentication?
That's where the fart sound comes in handy when you're in the elevator cos you know everyone in there is getting out on the next floor to avoid the smell lol
đ I'll have to try that sometime đđđđ
Love the Browncoats bag with the "Balls and Bayonnets" triangle patch on it! Keep flying!
Hell yeah!
Good work only I can easily make impenetrable jammers. Used to work for ingenico and prior Andrew's antennas here in Scotland.
Manufacture wallets. Imbed an RX/ TX coil. Upon detection of a scanner the coil transmits RF noise. Better still alert the wallet holder. Massive market awaits guys.
Heâs explains it as âcool stuffâ it can do but itâs more terrifying and life ruining than anything
Loving this miniseries!
If yâall wanna steal credit cards get hired at a pizza place, volunteer to answer phones and wait for a delivery where they want to pay with card. But please donât, itâs not worth it!
Important information Dev and Bobit are great guests thank you
Thanks! (BTW, my buddy's name is Babak. Don't worry, my autocorrect gets it wrong sometimes, too!) đ
well, that was terrifying... remember to keep six feet away, folks
I'm a security guard in Denver and typically patrol areas around the airport and I've been hit once by scanners like this and it took them minutes to wipe out my bank account. I was able to get everything undone and all of my money back but after I got and RFID blocking wallet, I haven't had it happen again.đđđ
"Standing nearby"
Ok now I'm scared.
This seems like a workaround way for The Modern Rogue to advocate for social distancing...
Great system that works is:
Put your name and signature on a credit card. Hand it to the salesperson, they run the transaction and have you sign. Before they give back your card, they ask for photo ID and check the signatures. Takes a little longer, but a lot easier then dealing with identity theft. Wait, did I just experience time travel!!!!!
Rumor has it that Ring has at least four extra sets of software that sends information to third parties regarding whatâs on your WiFi.
The moment you stood next to Jason...my phone popped up a notification "You're back online."
What sorcery is this?!
I would have loved to see that card in an RFID blocking wallet to see just how well they work
See my video tomorrow morning. :-)
âYou can walk past someone and steal their credentialsâ this sounds like Watchdogs
Facts
Well then, I guess it's time to see just how many episodes they've stockpiled.
Ok but that sponcer scares me more than some rando trying to take my cards. I have done way too much research for college about how exploitable IoT networks are and all i can say is hell no.
Imagine if you were cosplaying as Chewbacca and had that in your satchel. The amount of pictures people would have with you, you could pull so many cards
I have an RFID blocking wallet. My work badge doesn't scan through it...now I'm glad!
This is one of the best crossovers that has ever existed.
It was for us, that's for sure! We love these cats.
@@DeviantOllam So if I want to go into penetration testing what kind of things should I do?
@@hahayoucaughtme824 I put up a blog post about this exact question :-)
deviating.net/words/?p=1096
@@DeviantOllam Alright thanks man, are you going to be at the next DEF CON?
@@hahayoucaughtme824 whenever it is, I will be there.
There's a reason I use an RFID blocking wallet. Anyone can make their own and provide some protection by lining their wallet/purse with aluminum foil, BTW
For additional protection if you have any important information stored anywhere you can always put aluminum foil on that which is why I always rock a gansta al foil hat plus it goes with anything
Aluminum is the fourth best conductor among metals. So in theory unless you have it set up like a Faraday cage it will act more like a antenna then a rfid blocker. if you want to STOP the signals then scrambling them would work or use something that stops transition like lead. Though unless you want lead poisoning id stick to NOT using rfid and instead sticking to chip cards rather then touch to pay.
@@ccaron91 I said *some* protection. It's not going to prevent the card from being read completely. However, from what I've read, it makes it harder to read a chip at any sort of distance. Granted, it's anecdotal, but it makes sense to me if the foil is absorbing the energy in the signal somewhat.
@@ccaron91 Lead isn't that bad, but I still agree that you should cut the antenna in your card and just use chip and pin.
@@c.easium9012
West Side Foils
Real Muthafuckin Foils
Today was a safe day
RFID... Fear of a Scanned Planet
Fight the WiFi Power
Bring the Toyz LMFAO
man these vids are amazing
This episode of the modern rogue brought to you by a new government watchlist this video puts you on
Lol this being a Ring sponsored video Id love to see how easily RTA would smash anything a basic ring system could throw at them
I'd like to see a video about how to detect people with a skimmer. That'd be pretty cool.
You could, in theory, use one of the circuits like what's on the black RF detector card and have it control a little vibration motor instead of just an LED... If your pocket vibrates, folk around you think you're getting a text message but only you know that it means someone is outputting 125kHz or 13.56mHz in your vicinity!
Now THIS is something I need to know!
uh, for totally-not-theft reasons of course...
Damn dude, is not even the sanctity between friends sacred to you?
@@confusedrune9887 this is a great way to touch your friends' butts while having a plausible excuse why.
Errr... I would imagine.
@@DeviantOllam True, true... I guess I'll be investing in some technology now.
Hereâs how I i wish the ad read went at the end. Brian: how are we gonna protect out camera gear and expensive stuff. John: 45 acp. Roll credits
>Just by standing nearby
Well, we're all safe from this for a little while then, huh.
Is there a tutorial how to build building this device ?
If what people are saying here about Ring is accurate, then I guarantee that Deviant hates it.
Tex what are people saying about Ring
â@@jacklondon8845 People aren't "saying" anything, Ring is one of the worst companies you could go with both in terms of security and privacy.
Frank security wise why? Please post details...many people where I live have them installed everywhere on their house...these are million dollar homesđŹ
@@jacklondon8845 hey, seems like nobody's responded. I might be 7 months too late, but: Ring employees have been known to access people's recordings or live feeds with little to no security. That I know for certain. What I'm not sure about but a number of people have mentioned is that their cameras are also working with law enforcement - Ring is developing facial recognition systems.
Thus, it fails the "bitter ex" test: "can someone with an agenda use this to ruin someone's life?"
Both in ease of access (probably for someone who's not an employee, via brute force hacking or just stealing credentials) and the facial recognition.
Nobody is stealing my card info. If they come near me I'm running.
10:47 "you're gonna feel like you're home all the time"
I am đđ
I've also seen, if you just put multiple cards on top of each other (like a deck of cards) it can't read the signal, because there are too many at once, and it can't grab just 1 card at a time.
This is the case with low frequency credentials, but not high frequency credentials.
High frequency technology has automatic card discrimination and collision detection built into the protocols.
always fun when RTA are around
Any links to buying any of these?
How about protecting through a spamming device, flooding any reader near by with data?
How do I keep clicking on these videos so early when I don't have CZcams notifs enabled on my phone? Anyways, great video!
Do a video about the security implications of having ring cameras. Oh nvm
Fyi ring is very easy to block/ turnoff. The tool costs $50. You should do an episode about it. It will shock you
RIP Labs Keycards, People are just gonna steal em now and steal your Labs run D:
Love you dudes so much man holy cow
You can even bypass the RFID wallets to a certain extent, scary!
Can this be used on a contactless smart card as well?
This guy's eyes saw the LockPickingLawyer himself
Can the wireless credential reader be used for mifare classic cards?
Love the firefly browncoat patch on the bag lol
Thanks! đ đđ
@@DeviantOllam no problem
Starbucks, Shopping Outlets, Concerts, Public Restrooms, Theme Parks , Las Vegas Strip. Tourist Hotspots
Wiretap, add ring wiretap to my shopping list
Does anyone know the name of the reader used? Canât find it online
Great! Now I've got Jason Murphy's credit information but I forgot the clever thing I was going to write in this comment! Stupid Kirby-cursed bag of digital holding....
I once saw Brian eating cotton candy on a different channel
This guy looks just like Leonard Hofstadter, jajaja. Good video, thanks!.
Right, when we are outside....
How do you build this Iâm interested for a school cybersecurity project
Was wondering when you'll upload
One thing I've always heard was aluminum foil blocks readers, and from some simple tests they do. But that reader is more powerful right? Does something as low tech as wrapping your card or badge in aluminum foil when not in use still protect it when the reader is that powerful?
I have a video coming out about this on Monday :)
Well that's kinda the low tech version of the RFID protection most modern wallets you could probably just put you id in that and be slightly more protected than it hanging out naked. There's a measure of protection in the liningof the wallet, but it looks like it all depends on the power of the device they're using to get through.
You put the tin foil on your head, dummy.
What about copper foil?
"Dont diss my homies" Abe Lincoln. (Hell on earth - contact Billy Ocean) who writes these on the chalk board lol
And this is why I don't have a contactless credit card, and I keep NFC turned off on my phone unless I'm actively reading a tag.
and to that.... You should add
Turn off your WiFi Hotspot
Turn off WiFi
Time to get jackets with pockets on my chest.
Holdon is this thing being used on regular access control rfid cards or credit cards? Because if this thing can steal credit cards thats wild.
I'm sure that this is a great video and I'll tuning into the next one you put out for sure, but having Ring as a sponsor for THIS topic of all topics doesn't sit right with me. Catch you on the next one!
You must know that credit card companies or any company that stores out credit card information, allows there systems to be breached by hackers in order to continue to perpetuate fraud. These companies benefits the most from fraud. Use your critical thinking skills
Would have been funny is this was sponsored by ridge wallets
Hey Modern Rogue, more of this stuff!
Ring never worked right for me, Under direct sunlight my doorbell stop working after about a year. Had to replace it and it happen again. I switched over to Eufy doorbell and cammers had no issues after that. Also one does not have to pay for holding video clips!
7:22 he keeps trying to swipe the card. Lol
Babak has great facial expressions
Get one of those electronic fart noise toys from the 90's, build a card reader into it, and pay a 9yo to sneak up behind someone, hold it near their back pocket, and make it fart - that way, when they turn around and see the kid, they'll just think it's some kid being stupid ;)
Imagine advertising a doorbell while no one is leaving their house.
I got some questions about the chock board
Where can i buy this tool?
Some customers in my supermarket just hold their wallet up to the card reader to pay. Eek.
and Ring can get hacked into very easily.
Great demo. Would amp up the antenna power 2x or 3x for more reconnaissance options.
Ring is terrible. Anyone watching this channel should be able to make their own secure option -- without a monthly fee.