How Hackers Hack Your Phone, Credit Cards, ATMs and Cards RealTalk S02 Ep. 41 Ft. Shelesh Rauthan

The Allen key is a special tool used to open ATMs. It can also be used to open cars by inserting it into the car's lock, allowing access to any car.

Today's episode delves into the intriguing world of hacking, cyber security, and scams. The guest speaker is Shilesh Rathan, a seasoned professional with over 10 years of experience in both black hat and white hat practices. His extensive career includes collaborations with various government entities like RAW and the UAE government for offensive projects and intelligence gathering.

Understanding Different Types of Hackers Hackers are categorized into three main types: white hat, black hat, and grey hat. White hats are ethical hackers hired by companies to identify and fix vulnerabilities in products. Black hats engage in offensive hacking activities like ransomware attacks and credit card fraud. Grey hats combine both white hat and black hat practices.

The Role of Red Teamers Red teamers are a specialized group within the hacker community who possess knowledge of black hat hacking but work for companies to enhance security measures. The industry requires individuals with hands-on experience in both ethical and unethical hacking techniques to combat cyber threats effectively.

The speaker shares their journey into hacking, starting with the CBI website hack by a Pakistani group in 2010. Intrigued by this incident, they delved into the world of hacking through forums like IndyShell and Indian Cyber Army. Engaging in black hat hacking for almost 5 years, they were involved in cyber warfare between India and Pakistan.

Hacking Pakistani Websites Experience Shelesh Rauthan shares his experience of hacking Pakistani websites, mentioning his involvement in a group and confirming multiple hacks on Pakistani sites. He admits to using abusive language post-hacking and engaging in meme activities initially due to lack of maturity.

Post-Hack Actions & Security Weaknesses Rauthan discusses the process after hacking, highlighting actions like accessing army databases, defacing websites, and targeting .gov.pk domains. He reflects on the weak security measures in Pakistan at that time which allowed for such breaches.

Hackers use pseudonyms to hide their real identity while hacking, as revealing it can lead to consequences. This anonymity makes it challenging for authorities to track them down and hold them accountable.

Types of Common Scams and Black Hat Hacking Common scams include phone balance, message, and link-related frauds. Hackers have various categories like cardists for credit card hacking, defacers for website hacks, and mal-devs for developing malicious goods. Low-tech hackers use phishing techniques with malware links to target individuals. Government agencies may employ high-level exploits to backdoor phones without detection.

Avoiding Small Level Hacking Risks To avoid small level hacking risks, refrain from clicking on any suspicious links as they can lead to browser-based exploits granting access to command servers. The market offers a range of malware options based on the desired damage level and budget constraints; prices vary from 500k dollars for browser-based exploits up to 1 billion dollars for SCADA-based ones.

Hacking income can reach up to 7-8 figures in corporate projects. Malware development and providing solutions as a middleman also yield high earnings, potentially in the millions. Special government projects like SS7 signaling involve fees of millions for services such as phone location without ISP involvement.

Safety Concerns with Social Media Apps Social media apps like Instagram, WhatsApp, and Snapchat have faced multiple database hacks leading to user data leaks on the dark web. Despite claims of end-to-end encryption by platforms like WhatsApp using AES-256 bit encryption, vulnerabilities still exist through malware attacks that can access cameras and microphones without users' knowledge.

Risks of Malware Attacks on Mobile Devices Malicious software such as rats can infect mobile devices, granting attackers control over functions like camera recording even when the device appears off. These malware exploits often exploit user privileges in Linux-based systems to bypass security measures and conduct overlay attacks where fake app interfaces prompt users for sensitive information.

Checking Phone for Hacking To check if your phone is hacked, first determine if it's rooted. If not, use it normally. You can intercept your phone's traffic using proxy tools to see if someone is monitoring you. Install certificates on your mobile from tools like Bub suits or Charles proxy to monitor the traffic and detect malware.

Data Security Concerns Using a basic phone like Nokia 1100 can be a solution to avoid data security issues present in smartphones. Data stored by apps like Snapchat may not truly get deleted and could remain in their database indefinitely due to varying regulations outside Europe regarding user data retention policies enforced through audits.

The speaker recounts the challenges faced in hacking, emphasizing that everything is hackable. He reflects on his experience tracking terrorist groups like ISIS and Boko Haram in Africa, highlighting the complexity of monitoring their activities, funding sources, propaganda dissemination methods, and recruitment strategies across various mediums.

Uncovering a Bomb Blast Plot In 2015, during an investigation at the Cyber Crime Task Force lab in Nigeria, a tweet by Chima Okoro hinted at an upcoming bomb blast in Abuja. By tracking his phone using SS7 signaling and deploying Stingray technology to locate him near a church, it was discovered that he was involved with Boko Haram making bombs.

ATM Hacking Techniques Revealed Various ATM hacking methods were discussed including scheming where fake covers are placed on readers and keypads or using Raspberry Pi devices as black boxes inside ATMs. Additionally, cybercrime groups like Cybernaka have hacked main servers to remotely control ATMs from different countries for financial gain.

Understanding Carding and Credit Card Hacking Carding is a process that involves hacking credit and debit cards to use them for fraudulent transactions. Hackers can obtain card details through phishing, malware installation, or by targeting servers where the information is stored. They may also exploit vulnerabilities in POS systems connected to the internet to extract credit card data.

Methods of Credit Card Hacking Hackers employ various methods like setting up fake payment pages, installing malware on computers, or targeting server ports with brute force attacks to steal credit card information. Additionally, intercepting payment requests in gateways allows hackers to manipulate transaction amounts and make purchases at significantly reduced prices.

Car Hacking Tools Tools like Lishi can unlock high-tech cars by intercepting and replaying unlock codes. Some cars require physical key insertion for engine start, but tools like Pineapple Pi can bypass this security measure to steal items from the car.

Radio Frequency Interception HackRF device allows interception of radio frequencies, including communication with airplanes, although such activities are illegal. The tool Mayhem running on HackRF enables monitoring and potential hacking of various wireless signals.

Fake Access Points Creation Pineapple Pi is used to create fake access points near target locations like corporate offices. By mimicking legitimate Wi-Fi networks, it forces devices to connect and potentially exposes sensitive data that passes through these fake connections.

ATM Lock Opening Tool 'Allen key' is a specialized tool used for opening ATM locks by manipulating cylinder systems within the lock mechanism. This tool facilitates unauthorized access to ATMs or other secured areas using specific techniques similar to traditional lockpicking methods.

Wireless Device Hacking 'Proxmark 3' enables cloning RFID cards for accessing secure buildings without authorization physically red teaming scenarios involve breaching physical security measures alongside digital hacks; this device aids in duplicating entry credentials quickly and discreetly

Exploring the Dark Side: Unveiling the Secrets of Dark Web Dark Web is a hidden area not indexed by regular search engines, accessible only through the Tor browser. It originated as a US Navy project for private communication and evolved into a network with layers of encryption like Onion Routing. Dark Web hosts illegal activities such as selling animal skins, medicines, weapons, and even live murder services in Red Rooms.

Uncovering Horrors: The Disturbing Realities of Red Rooms Red Rooms on the dark web offer live murder shows where people pay to watch gruesome acts. Rich individuals reportedly find pleasure in these horrific displays. Accessing dark web content may pose security risks like hacking but remains challenging to trace due to encrypted data transmission via Tor browser.

The speaker discusses the existence of secret societies, Illuminati, and assassins in the hacking world. He mentions being questioned about involvement with these groups but clarifies that his focus has been on tracking fundraising for terrorist organizations rather than secret societies. The conversation shifts to hiring hitmen through websites using digital currencies like Bitcoin.

Secure Communication Devices for Data Protection To stay safe from hacking, it is recommended to use secure communication devices like open source or crypto phones. Companies offer end-to-end encrypted phones similar to BlackBerry's old models, providing enhanced security features such as fake Amicis catchers and protection against Sting Rays. These specialized phones are commonly used by agents due to their high level of encryption and privacy measures.

Challenges in Ensuring Cybersecurity Privacy in messaging apps like WhatsApp is considered a myth due to the prevalence of exploits and vulnerabilities. Despite the widespread use of WhatsApp across all age groups, exchanging sensitive information on the platform requires caution as it remains exploitable. Governments' efforts in cybersecurity vary by country, with countries like U.S., Israel, and Russia being proactive since early 2000s compared to India's more recent initiatives starting around 2016-17.

The podcast wraps up with a reminder to use data and devices carefully, emphasizing the importance of protecting confidential information online. Avoid sharing personal details publicly and be cautious about hacking or invading privacy. The host mentions upcoming episodes on different topics and offers a course for those interested in starting their own podcasts.