I’ve been asked many times in the past about who my favorite hacker was. I like many for different reasons and have even written about a few world-renowned hackers over the last couple of months. However, there is just something about Samy Kamkar that makes me go ‘WOW’. He is known to many as the bad boy of the hacking world and has no love lost till date. He’s got the looks to go with his title and is a role model to hackers around the globe.
Samy Kamkar believes that everything with wireless connectivity is vulnerable.
Samy is a hacker who loves challenges. If there is a way through to code, Samy’s got a way through to it. He’s done everything from tweaking a kid’s toy which opened a garage door, to 3D printing a master lock-cracking robot, from devising a fake charger that can sniff keystrokes to pranking a friend with a doorbell- ringing text message attack. He’s even built a drone that can seek out and wirelessly hijack other victim’s drones.
Let’s take a peek into the life of Samy Kamkar and his perilous adventures.
Samy’s Beginnings: An Adventure Into The Unknown
Samy Kamkar was born on December 10, 1985. He has been given titles of a privacy and security researcher, computer hacker, whistleblower and entrepreneur and all that other fancy stuff you can think of. He dropped out of high school at the early age of 16 and founded his first company Fonality (A unified communications company based on open source software, which raised over $46 Million in private funding.) a year later.
Samy probably hit stardom when he created and released the fastest spreading virus of all time, the MySpace bug, ‘Sammy Worm’. The Samy worm was so notorious that the US Feds were on a hunt to find Kamkar and bring him to justice. We’ll talk more about the worm a little later.
Sammy is also known for creating SkyJack, a custom drone which hacks into any nearby Parrot drones allowing them to be controlled by its operator. He also created Evercookie, which appeared in a top NSA document revealed by Edward Snowden and on the front of The New York Times.
Some of his notable achievements are his works with The Wall Street Journal and his discovery of the illicit mobile phone tracking where the Apple iPhone, Google Android and Microsoft Windows Phone mobile devices transmit GPS and Wi-Fi information to their parent companies. His research led to a series of class-action lawsuits against the companies and a privacy hearing on Capitol Hill.
Samy Worm– The Myspace Bug That Changed The Way We Look At The Internet Security.
I’ve been told that Samy had a passion for bypassing code right from the early age of 16. He wasn’t really an extrovert and liked to often keep to himself. His intentions for messing with Myspace was largely based on experimental motives and not of a criminal one.
His cleverly written lines of code called the ‘Samy Worm’, let him have numerous friends on myspace and also allowed him to be a hero amongst millions.
Sammy wrote code that would appear with the words ‘but most of all, Samy is my hero’ under the Hero category on Myspace for anyone who visited his profile. He realized later that he wouldn’t be a hero to many if this was only based on profile views. He wrote some more lines of code which copied itself on the visitors profile and let it work its magic automatically. I think it’s safe to say he was a self-proclaimed hero to many.
The users were also tricked into unknowingly sending Kamkar a friend request when they viewed his profile. Within just 20 hours of its October 4, 2005 release, over one million users had run the payload, making Samy the fastest spreading virus of all time. The Virus went so crazily viral that Myspace had to temporarily shut down to fix the problem which allowed the worm to operate.
In 2006 Kamkar was raided by officials and pleaded guilty for releasing the worm. He was then banned from using a computer for three years with only access to one single computer registered by authorities with no access to the internet.
Reformation and Achievement:
Kamkar had great regret for creating the virus that he had no control over. He spent the three years away from computers trying to get over his mishaps and rebuild his passion for helping businesses and people alike. He was still allowed to work at his start-up in a managerial role and give public speeches during this time.
After his ban was lifted, Sammy left the negatives behind and was thankful for this experience because it helped him turn a new page over in this chapter. He stated that this incident had changed his life and made him more of an extrovert from being an introvert with not much but just the computer by his side.
Kamkar in the current days is a sort after public speaker in the field of security and also runs his own youtube channel where he breaks down and explains exploits to security enthusiasts. He is still adored by many around the world and as a hero to many considered to be one of the best security researchers in the industry.
I may not have listed down in detail all of Samy Kamkar’s terrific achievements. However through this short illustration of his life summary, there are plenty of lessons to be learned.
Although Samy was a self-proclaimed hero back in the Myspace day, he has exposed us to how vulnerable the internet could be through the Samy Worm. We’ve learned so much through this event, that Samy could well be called a ‘Real Life Hero’ in the cybersecurity world.
Should Kamkar have had unethical motives, a huge part of our internet eco-system would have been at ransom. For this, we’re grateful.
Our purpose in writing these articles about security researchers who have impacted us and the world is because we honor the ones that have redefined the way we think about the security ecosystem. We are grateful and thankful to these stewards of cybersecurity who have taught us to act and think beyond the human capability so that we’re prepared and ready to tackle any threat that comes our way.
At Appknox we’ve inculcated this attitude of proactiveness from security researchers like Samy Kamkar and a few others. We believe that everything wireless poses a threat and our security researchers are constantly digging to detect and neutralize the next big ‘Samy Worm’.
Have a security issue you are concerned about ?