Millions of Cars Hacked (Again)

Millions of Cars Hacked (Again) https://stream.echo6.co/videos/watch/8d05065b-548d-44a9-9e7d-16a1e870ec93 At DEF CON 33, a researcher showed how two API authentication flaws in a centralised dealer portal for a top automaker enabled national admin access across 1,000+ US dealers. With weak VIN/name lookups and broken enrolment/pairing, attackers could remotely unlock/start cars, track location, and even transfer ownership silently. This video breaks down the attack path, why centralisation magnifies risk, and what owners and teams can do: lock down dealer workflows, remove weak lookups, and harden API auth. // YouTube video REFERENCE // You’re privacy and security nightmare: https://youtu.be/lDdJLrxQg24 // David's SOCIAL // Discord: https://discord.com/invite/usKSyzb X: https://www.twitter.com/davidbombal Instagram: https://www.instagram.com/davidbombal LinkedIn: https://www.linkedin.com/in/davidbombal Facebook: https://www.facebook.com/davidbombal.co TikTok: http://tiktok.com/@davidbombal YouTube: https://www.youtube.com/@davidbombal Spotify: https://open.spotify.com/show/3f6k6gERfuriI96efWWLQQ SoundCloud: https://soundcloud.com/davidbombal Apple Podcast: https://podcasts.apple.com/us/podcast/david-bombal/id1466865532 // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 0:00 - Coming Up 0:13 - Another example from Defcon 2025 0:24 - Flaws found in a carmaker's web portal 0:35 - What the hacker found 01:03 - The takeaway 01:21 - It's ridiculous that cars are connected this way 01:36 - Doxxing from parking lot 03:56 - Phishing on the dealer's dime 04:00 - Final takeaways Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #hack #carhack #api Mon, 13 Apr 2026 23:01:16 GMT https://validator.w3.org/feed/docs/rss2.html PeerTube - https://stream.echo6.co Millions of Cars Hacked (Again) https://stream.echo6.co/client/assets/images/icons/icon-512x512.png https://stream.echo6.co/videos/watch/8d05065b-548d-44a9-9e7d-16a1e870ec93 All rights reserved, unless otherwise specified in the terms specified at https://stream.echo6.co/about and potential licenses granted by each content's rightholder.