▶ listen
episode.ascii — live render
● episode

REvil Redux

Story Cybercrime & Dark Web Ransomware

TL;DRGermany's BKA officially unmasked Danil Shukin, 31, as 'Unknown,' the alleged operator of ransomware operations GandCrab and REvil, which extorted billions globally. The FBI had previously identified him but he remains free in Russia.

We return to one of the more interesting ransomware as a service stories of the last few years; the story of REvil and it's recently (allegedly) named operator. Also the big mythical thing that happened.

Transcript

Machine-generated transcript; may contain errors.

Speaker 1: Who is this guy? This is the landlord, Daniel Shchukhin, who

Speaker 2: I think wasn't named publicly

Speaker 1: in this way. This is one of the people that lives by organizing these, renting arrangements. Probably, I have

Speaker 2: to say, he hasn't been convicted.

Speaker 1: He hasn't left Russia. This is in Antalya, the Turkish coast, where he is still free.

Speaker 3: This past week, Germany's federal criminal police, the the Bundescriminalamt or BKA, put a face and a name to one of the most elusive handles in the history of ransomware. A story that we started telling on this show four years ago. That handle, u n k n unknown. For years all anyone had was that username. Like a Russian cybercrime form to point towards the person behind some of the, call it craziest destructive ransomware operations the world had ever seen. The man behind that handle ran a ransomware shop called GandCrab, which opened up in 2018 and within roughly a year and a half, it extorted over $2,000,000,000 from victims before abruptly shutting down. Then, almost immediately, he opens up doors on Areval, also known as Sotokanibee. That kicks off with, like, a big kind of statement, deposits a million bucks into a Forbes escrow account just to make it clear the kind of scale we're dealing with. Unknown pioneered what the industry now calls double extortion. We covered all this back in 2022 when we first talked about this. You pay once for the keys to unlock your system, then you pay again for the promise that all that stolen data won't be published. Are evil. We're a big game hunting operation. In July 2021, over the fourth of July weekend, they hit Kaseya, a very big company managing IT operations for a lot of people. When Gancrab shut down, the group's farewell message was, quote, we are living proof that you can do evil and get off scot free.

Speaker 2: Reval.

Speaker 4: Reval.

Speaker 3: Quite the exit. Interestingly, unknown has given only one known interview. To record a future, he described growing up in poverty in Russia, quote, as a child, I scrounge through the trash heaps and smoked cigarette butts. Now I'm a millionaire. And I would say bringing us to now with this big German announcement. But while this is the first time we've seen law enforcement say they've unmasked unknown and this is the guy, it is not the first time Shukin as a name has come up.

Speaker 1: Another young Russian has some technical talent, lives the big life, show is visible with his wife and his friends who who whose food he pays for. He has online casinos, crypto, and and other dirty stuff online. And he has, are evil, another large, ransomware model. And he seems to be living a good life from that. This is him again, both both times smiling.

Speaker 3: Great name for an event. We should go one of these times.

Speaker 4: Love to.

Speaker 3: We first reported on Unknown here on hacked back in 2022. At that conference, one year later, a group of private researchers named Shukin publicly in front of the global security community is the man behind our evil. And what made that accusation hit was that the US Department of Justice had already kind of kind of got his name into a federal court filing. Earlier that same year, seeking to seize roughly $317,000 in cryptocurrency the FBI had already pulled from his wallets. That filing included his name, his address in Krasnodar, Russia, all right there in a public document. It just took the rest of the world a little longer to catch up. Bringing us to now. 2026. BK has made it official. 31 year old Danil Maximovich Shukin, allegedly the head of both Gan Crab and are evil, charged with at least a 130 acts of computer sabotage and extortion against victims in Germany between 2019 and 2021, causing more than €35,000,000 in total economic damage according to those charges. So I wanna start the episode right here, with that unmasking and what Shukin is alleged to have built and why this all took so long. And then we'll talk about the other thing.

Speaker 4: That other thing. The big thing.

Speaker 3: That big mythical thing. Big mythical thing. All that more here on Hack. How long until I just remove the theme song?

Speaker 4: And it just becomes us.

Speaker 3: It's just that scribble the bumpity do.

Speaker 4: Us live live jamming it.

Speaker 3: Sometimes you got a jazz scat. How are you doing, Scott?

Speaker 4: Good. Good. How are you?

Speaker 3: I'm doing good. Keeping busy.

Speaker 4: Yeah. How's, I imagine summer is almost in full swing where you are.

Speaker 3: It's oh, man. It's I wish I could point the camera out the window right now, and you could see just how not in full swing it is right now. Just the grayest shit you ever saw. I was at where you are.

Speaker 4: Also kind of gray. Actually, today, I think it's gonna be nicer, but yesterday was pumping rain and very drabby. We still do have, like, sheets of ice around. We had such a hot cold winter that snow melted and then refroze as ice, and that ice is taking a while to, clear itself off. But, but you could feel spring is in the air, and that's that's a big positive emotional mental thing where we live.

Speaker 3: It's more of a mood than meteorological when spring is in the air.

Speaker 4: Yeah. Yeah.

Speaker 3: Yeah.

Speaker 4: It's like we're coming out of the five month, stay inside to survive period of the year.

Speaker 3: The craziest place we live in, man.

Speaker 4: We didn't choose the Jordan. We didn't

Speaker 3: choose We didn't choose this life. Okay. We got a lot of stuff to talk about this episode. There is, the the big story, I would say. The it's always interesting when a tech story, like, crosses the delta into mainstream media, and I'm like, oh, they're talking about security. This is crazy. Mhmm. Because of

Speaker 4: the same as what Jordan's what Jordan's referring to is, Anthropic's new model, Mythos, the zero day engine, coming for all infrastructure code everywhere.

Speaker 3: Security is no more. Your passwords are gone.

Speaker 4: They're gone. Your browser history will be public.

Speaker 3: Everything's out of the box. Yeah. Yeah. We'll talk about that later, for a bunch of reasons. For now, I wanna talk about a a classic hacked tale before we get to whether or not cybersecurity as a field is ceasing to be, with a pretty fascinating story. I I love a callback. It's been long enough since we've talked about this guy, and now we have a name to point towards. And it just cracking this story back open reminded me of how fascinating it was. So I wanna start here.

Speaker 4: Please.

Speaker 3: K. So go back to the beginning. We're just gonna take you through this. Gancrab. Gancrab was franchise ransomware. Ransomware is a service operation. We've talked about this before. Is the kind of thing where unknown and his team built the malware that other criminals then pay to use, handing back, call it 30 to 40¢ on every dollar they extorted. Very low barrier to entry. Very huge scale. The affiliate model, you know?

Speaker 4: Yeah. Good good solid business model tuned by tuned by many people.

Speaker 3: Yeah. A 100%. The group shipped five major versions of the code in roughly, like, a year and a half. You know, software is getting a little bit better each time. They're in the classic arms race with the antivirus industry, iterating like a start up. They had a support team. We talked about this back in 2022.

Speaker 4: Enterprise models.

Speaker 3: Enterprise model. You get some affiliates coming in who, you know, maybe mixed levels of tech literacy. Don't worry. We have a cracker jack customer support team to help you out.

Speaker 4: Technical presales, the whole nine.

Speaker 3: There's forums. There's tutorials. Is it organized crime? Yes. But it's run like like a business. Europol and the Romanian cybersecurity firm bit defender eventually started like, okay, what is this Gand crab? How do we slay it start offering like free decryption tools in collaboration with law enforcement undid about 30,000 of these like affiliate kind of infections, saving according to them $50,000,000 in unpaid ransom. Super interesting story in its own right. Gancrabs response, they ship an update. Every time the decryptor drops, a new version of their malware comes out. So it's like the formal call and response of this whole thing. Then 05/31/2019, out of nowhere, a farewell post. We're done. We made that money. We got that bag. Goodbye.

Speaker 4: We're off to a non extradition country.

Speaker 3: Where we already live in many cases as we will get to. Fair enough. Yeah. The group claimed $2,000,000,000 in total. Law enforcement believed the number was like, yeah. That seems about right.

Speaker 4: Pretty good. Pretty good haul. Pretty good haul.

Speaker 3: Within weeks of Gankrab going down, the other one pops up, like, pretty quickly after our evil. Same structure, much bigger targets. Crowdstrike tracked them a bunch. They noted that the code, like, from the jump wasn't don't it's not like a fork, but it was like, oh, there's a lot of connections to what Gankrabb was selling. They're operating with the same team, new name, lot of lessons learned. Our evil is going upmarket. You know, they're hunting organizations with pulling in over, like, a $100,000,000 a year, companies big enough to have cyber insurance policies that are going to pay out. They're just sort of refining how they work, who they work with, and who they're going after. The first major named victim, Travelex, a global currency exchange company. January 2020, Areval encrypted their system, threatened to publish customer data. They paid out 2,300,000, and as such, a series of dominoes begin to fall. March 2021, Acer. I used to have an Acer. Taiwanese electronics manufacturing giant, are evil demands $50,000,000. At the time, fun fun little bit of trivia, that was the largest publicly known ransom demand ever. Really?

Speaker 4: 50 mil?

Speaker 3: Pretty small. Right?

Speaker 4: Yeah. I would have thought it would have been bigger.

Speaker 3: I know. Some of the

Speaker 4: big health syndicates and stuff.

Speaker 3: But but then, you know, time passes, and it's now small small hat. Just a a measly little 50 mil.

Speaker 4: A little 50,000,000. No big deal. Yeah. Totally. Because what was the what was the one in, like, the Vegas one when they had all the all the the casinos? I feel like that one would have been massive.

Speaker 3: That's a good question. I'm trying to remember that one. But that was more recent than May 2021, wasn't it?

Speaker 4: Wasn't it, like, two years? And a half. Never mind. Leave all this in. Never mind. That's shockingly low amount.

Speaker 3: Yeah. You're talking about the MGM one?

Speaker 4: Yeah. Yeah. Yeah.

Speaker 3: That was just chaos. If I remember right

Speaker 4: Wins was Wins was 1,500,000. Caesars Entertainment paid 15,000,000. MGM, on the other hand, did not pay.

Speaker 3: Interesting. It is wild at this point that we can't keep track of the multimillion dollar payouts from this stuff. Like, it's just

Speaker 4: Hey. It's, it's its own business these days. Truly.

Speaker 3: Well, speaking of JBS Foods, May 2021, world's largest meat processing company. Facilities, US, Australia, up here in Canada, they'll get shut down. All the, like, physical infrastructure's offline. They paid 11,000,000. The White House got involved in that one. 07/02/2021, the kind of big one, Kaseya. This one's different. Instead of hitting one company, Arrival goes after a vulnerability in Kaseya's software to push ransomware through to all of their customers at once, more of a supply chain attack. 1,500 organizations

Speaker 4: Tis the season.

Speaker 3: Said 'tis the season. Like, 1,500 orgs downstream. That was $70,000,000 for the universal decryption key. So they're climbing. They're growing.

Speaker 4: See, but see, but then you've got an intermediary who's now responsible for delivering it. So now they're on the hook to pay the 70 miler. Their insurance is on the hook. 100%. They don't get sued by all of the downstream clients. So Yeah. Supply chain is the new it's the new way.

Speaker 3: On who wants that decryption key more than Kaseya in that moment? It's like all of the customers, but, like, not it was like but multiply those customers by 1,500 times, and that's how much Kaseya wants that key. Like, there's nothing we won't pay for that key. Totally. This is where it gets kinda murky. The FBI actually had already been inside of rEvil servers. Unbeknownst to rEvil, prior to the Kaseya attack, US intelligence had gotten into their infrastructure. I find this fascinating. This is an imitation game type thing going on here. They had the decryption key, and the FBI holds on to it for three weeks while they plan this bigger, broader operation to dismantle the group. Congress later was like, hey, FBI. Explain yourself immediately. There were hundreds of businesses still locked out of their system while you had this decryption key, and their response was that if we release the key, we would have tipped off the target and blown the operation. That's just a really interesting question of, like, do you blow your own operation and potentially let them get away, but save $70,000,000? Like, it's it's a really weird question that is, I think, maybe never had to be asked before prior to this point.

Speaker 4: I it's It's an interesting one. Right? Like, 70,000,000 is a lot of money to, like, you and me. But when it comes to the, like, world of global finance, $70,000,000 is like a rounding error.

Speaker 3: When you try to bust it, up the successor to a $2,000,000,000 ransomware operation. So the scales of numbers get really topsy-turvy. Totally. 07/13/2021, eleven days after Kaseya, our evil's website and infrastructure do vanish. No one really knew what was going on. Had law enforcement moved on them? Had Russia shut them down under diplomatic pressure, which at the time is more kind of plausible. Maybe they went down voluntarily to kinda wait out the heat. On September 2021, they popped their head back up, and this was an error. In October, a multi agency operation, FBI US Cyber Command Secret Service International partners hacked our evil zone servers and forced them offline again permanently this time. Then in November, the DOJ unsealed some charges, importantly, not going after unknown. It was a Ukrainian national named Yaroslav Vasininsky. Well done. Thank you. 22 years old, arrested in Poland and later extradited to The US. He was the affiliate. He was the guy who licensed the software tied directly to the Kaseya attack in 2024. He's sentenced to thirteen years and seven months, ordered to pay more than $16,000,000 in restitutions, over 2,500 ransomware attacks, $700,000,000 in demands. And then in January 2022, in a rare move, the Russian FSB arrested 14 are evil members at the request of The United States. I'll say that again in a rare move. They seized hundreds of millions of rubles, $600,000 in cash, 20 luxury vehicles. The Kremlin got, you know, the diplomatic credit, and then they invaded Ukraine a month later. And so that all just went away from her. The one who wasn't caught through all of this, the takedowns, the arrests, the decryptors, the FBI infiltration, unknown, never officially named.

Speaker 4: He's never charged, never caught. He's unknown. Great name.

Speaker 3: Great handle, honestly. It is. I like, UNK is quite bad. Yeah. Like, game recognized game. Not that I'm in the same game. In the in the hand in the naming stuff game, kudos. So, like, you got this character's fingerprints are on both of these operations. Be very, very careful. The only public facing persona here is this one forum handle unknown and the one interview given under a pseudonym. And then you just got, like, years of it seems pretty pretty good operational security. Looking back further, if we're trying to figure out how long he's been doing this, there was an earlier alias that someone found, Gerowin, that had run botnets and sold malware on, like, Russian cybercrime forums as far back as 2010 that's been connected to him. So he would have been about 20 years old at that point, I think a little little younger. He's been doing this a long time, flying under the radar until February 2023. The DOJ kind of files this little forfeiture complaint in federal court in Texas. It has to do with getting some money that the FBI had gotten throughout this whole process. And in that in that document, it's the first time we see it, his name pops up. It's no longer just a handle. They've connected through the FBI's investigation trying to get this money back from them. His name, his address in Krasnodar, and they're saying, we want the $317,000 in seized crypto. But now this name is out there in a public document, and most people miss it until, you know, talk that we opened to the episode with. A researcher takes the stage in Hamburg, names him loud in front of thousands of people in the security community. The clip kinda circulates a little bit. We read about this in Krebs on securities. Very good reporting on the story. Always. Just just just the OG. And then in April fifth twenty twenty sixth, we get here. The BKA German policing makes it official.

Speaker 4: I wonder friends in high places keep you out of trouble. I wonder how many friends in high places they might have to be the one person who's avoided persecution. Yeah. And especially if the government knows who they are, like, the government of America is just simply asking for the money back, not being like

Speaker 3: That's interesting. Yeah. Well, the the the American government has been kind of in this, like, weird tangle of a situation where you have the FBI that has access to these decryption keys and has infiltrated their system, but is, again, to evoke the imitation game, which good movie, worth checking out, ends up in a situation where someone has gotten access to this privileged information, but for tactical reasons cannot reveal they have that access. Mhmm. You get this thing where it's like, it seems like maybe the American law enforcement apparatus had all the information necessary to go necessary to go after this guy, but it wasn't prudent to do it. So we're gonna go after the, like, 20 customers down the line doing this. And Russia seemingly willing to collaborate on that project.

Speaker 4: Right. See that then that's that's what I'm saying is, like Yeah. As as much as I know about law enforcement, which is very little Sure. To preface this Yeah. Is, don't they usually try and go up the ladder,

Speaker 3: not down the ladder? Yeah. Sure.

Speaker 4: They're trying to get to the head of the snake rather than the tail.

Speaker 3: Yeah. I mean, I've I've seen enough crime movies to know that you don't want the boots on the ground. You don't want the goon. You want the you want the, you know, the top brass.

Speaker 4: Yeah. And, like, the reason why you would not give up the key, let the attack go on, to not disclose that you have the confidential information is so that you can use it to better trap the top of the ladder. But instead, you just kinda let them roll away.

Speaker 3: BK advisory lists Shukin as a wanted person. German authorities believe he's currently in Russia, likely in Krasnodar, the city where he's from. Russia, as we have discussed, does not historically extradite its citizens, given the current political climate. I would be very surprised if they decided to start now. His co accused Anatoly Kravchuk is also named to the German adviser, also believed to be in Russia. Kinda raises all the question, what does this BKA announcement really accomplish aside from giving us a satisfying conclusion to the story in a lot of ways? Mhmm. Maybe not even a conclusion. You still they're all still out there. But at least we have a name to point to. And for the victims of, like, a 130 attacks in Germany alone as outlined in this in these charges, for Kaseya and JBS, thousands of other businesses, not not a lot, I would say. This is not an arrest. It is a name, however. I wonder So it closes the loop on attribution.

Speaker 4: Yeah. I wonder what a new identity costs. Can't be that much.

Speaker 3: Yeah. But

Speaker 4: that's the thing. It's like you don't even need to worry about extradition treaties. Just become somebody else and, like, move to Thailand.

Speaker 3: Yeah. The and that's such an interesting question. Right? Because it's as long as you assume that there's no chance that the Russian government's gonna extradite you, you're probably in the safest place on Earth. But if there's even a possibility that they're gonna use this as, like, a diplomatic tool, you're in the most dangerous place on Earth because they for sure know you and no amount of fake identity is going to function in that ecosystem there. You know what I mean? Like, I don't I think there's a fake identity that might work in Thailand that does not work in Russia.

Speaker 4: Very much. Yeah. Yeah. And, like, when the government comes and asks you for favors, they will expect you to pay them out. Totally.

Speaker 3: Yeah. That's interesting too. Yeah. Yeah. Yeah. We're fine with you being here. It's a very nice penthouse you have here in Moscow.

Speaker 4: Yeah. We need we

Speaker 3: need some assistance with something. Totally.

Speaker 4: We have a we have a few little problems going on that we'd like help dealing with.

Speaker 3: Yeah. Yeah. We will not be dealing with you. Yeah. It's not that kind of problem, but you

Speaker 4: can go ahead and do it. You work for us now. We will let you stay here, but you are our employee. We control you. Forever.

Speaker 3: If you

Speaker 4: would like to leave your penthouse, please call this number and ask for a permit.

Speaker 3: Totally. Totally. It's a really nice penthouse, but you're gonna wanna stay

Speaker 4: in it. Yeah. Yeah. There'll be a guy outside the door with a bunch of guns. Just you know, he's there to keep you safe and make sure you don't leave.

Speaker 3: More ominously, it's like there actually isn't a dude out front.

Speaker 4: Oh, yeah. Totally.

Speaker 3: But a dude will show up if you get further than about a kilometer away from here. Yeah. And you won't know when. It might be then. It might be weeks later.

Speaker 4: Yeah. Don't do that. It might be in the coffee you get at the cafe. It might be yeah. Like, how ominous this stuff Totally.

Speaker 3: Like, we have no reason. All of this other stuff is decently well

Speaker 4: Well, so that like, researched. The thing for me that triggers it is, like, the fact that he's a known entity. Like like, if if he truly was unknown, you know, the Yeah. Then it's a different thing, you know, if they still haven't found the head of the snake. But if they know who the head of the snake or, like, who it is, but they're still not going after them, be it through joint, you know, task force or whatever it is, if they've taken out the ladder below them, but they're leaving the top alone, that tells that tells me more than, you know, anything else.

Speaker 3: There's also an interesting thing of, like think of this think of the politics of a big employer where you have, like, a community of people, and there's the one big employer that employs, like, 15% of the town. And it's like, don't mess with that company because that town is gonna turn on you because you're messing with the, you know, the the hand that feeds you type logic. I wonder if there's an element of, like, do you wanna know how we could really instantaneously infuriate the entire hacking community here in Russia going after this dude? Mhmm. Like, yes. We have a crazy amount of power and authority. It's just not prudent of us to go after this guy because there's a lot of people making a lot of money off him, including people that are our friends. Mhmm. You have that affiliate network. It's an affiliation of loyalty too, not just money.

Speaker 4: Totally. But I think I think money talks to

Speaker 3: Exact well, it's both. Right? They're all kinda loaded up.

Speaker 4: There's a reason why Russia is kinda like,

Speaker 2: yeah.

Speaker 4: We kinda let this happen.

Speaker 3: Yeah. It's a it's a company town.

Speaker 4: Yes. It's a company's country.

Speaker 3: It's a company country. It's such an interesting story. I I'm I'm fascinated by that, like, conference where someone just stands up eight months after this this word gets snuck into a filing that isn't a it's not a big filing. It's not one of the filings we cover on the show. It's like a little thing. It's just trying to get money from one government department to another because they think it landed in the wrong place after this war it's so technical and small, but the name pops up for the first time. And then, like, eight months later, these security researchers stand up, and we're like, there it is. That's the guy.

Speaker 4: Yeah. Fascinating. Interesting story.

Speaker 3: Yeah. It's an interesting one. Nice to

Speaker 4: It'd be Yeah. It'd be so interesting to get a guest on that, like, operates at this level, like like, somebody like a former director of international cybercrime, like, coordination. Because it would be fascinating to know to get a little look behind that curtain. Yeah. Because it is such a complex and complicated and diplomatic headache that it would be awesome just to get somebody to lift the curtain and let us in there for fifteen minutes. Maybe we should do do a little YouTube trip to Russia.

Speaker 3: Hell, yeah. Just hope Hell, yeah. Just hope they don't listen to podcasts there.

Speaker 4: We'll get new identities. Sure.

Speaker 3: Apparently, those are relatively affordable. Yeah. I would bet in a couple of years I don't know what the statute of limitations on these types of stories is. But at some point, we're gonna leave that window of time where the earliest crazy ransomware negotiations, and specifically the kind of ransomware negotiations where international diplomacy is a variable, are gonna start entering into, yeah, you can talk about that. That was fifteen years ago. That was ten years ago. That was twenty years ago. Sure. Yeah. That's gonna be an interesting day because there's not a lot of visibility into it. We've gone down the rabbit hole of learning about people that do consulting for private groups that They're allowed to talk about it because they're promoting their business. But I'm like, I want that person who's like, I'm just on phone calls with, like, the Kremlin to figure out how this is gonna go down because we have, like, a, I don't know, like, a butcher consortium here in the Southern United States that is offline, and there's, like, 20,000 people just waiting to go back to work while, like, a server gets decrypted. So I need to figure out how to do this without starting a war. It's like, oh, that's interesting.

Speaker 4: Like an international cybercrime fixer. Yeah. Yeah. So if that's you and you're listening to this podcast, get at hackedpodcast.com. Yeah. Yeah. I can. Come on the show. We'd love to hear about how this yeah. How the intricacies of the diplomatic side of it works.

Speaker 3: It's fascinating. I'm this is a tangent. Well, I think we're moving off this story in a minute, but, like We're tangenting.

Speaker 4: This this podcast

Speaker 3: is a tangent. Is a tangent. We do we do interviews with real grown ups, and then you and I spiral on tangents. It's it's what it is.

Speaker 4: You're here for it or

Speaker 3: you're not. No. What I was gonna say is, the show The Pit. I don't know if you you are familiar. I'm sure

Speaker 4: you're familiar. I know I know what it is. I have never seen an episode even though it has been popping up in my news feed as of the last couple days because somebody left the show, and that's big news.

Speaker 3: Oh, I didn't know I didn't know that. All I know is it's a pretty it's a pretty good TV show, and it had a major plot point in a season that involved a cyber a ransomware attack on a hospital. And I was like, this is so interesting to me. Like, it it feels like seeing someone from work in the real world, and it's kind of uncanny. It's just seeing the teacher in the parking lot of the grocery store. You're like, oh, that that's out here now. And it's it's reached that level of, like, ransomware is now In the zeitgeist. In the zeitgeist in a really fascinating way. Yeah. And well and now we've allegedly have the name behind one of its largest operators. Allegedly. Allegedly. Reval. Reval. Gand crab

Speaker 4: Are evil.

Speaker 3: Unknown. I like Gand crab.

Speaker 4: Also, like, to talk about tangents Yeah. What is with this obsession about people naming things after, like, aquatic creatures? Like, clawbot Yeah.

Speaker 3: Crabbot.

Speaker 4: It's all about the lobster, and it's, like, open claw. You know? This is like a like Yeah. They're all like crustaceans. Like, what's with this obsession, this recent obsession with crustaceans?

Speaker 3: I I think those two because I doesn't incorrect me. I think I'm about to say something wrong. But isn't open claw a, like, play on Claude?

Speaker 4: Yeah. Well, it was originally Claude bot. So, yes, I think it it ended itself as open claw.

Speaker 3: Yeah. Then it adopted, like, a lobster, like And GandCrab precedes the existence of Claude. So we kind of have to infer that this is just a weird coincidence.

Speaker 4: Yeah.

Speaker 3: You know what I mean? Like

Speaker 5: Totally. Totally.

Speaker 3: There there's an air gap between the inspiration on them. But to

Speaker 4: me, it just jumps out into this weird pattern forming. Yeah. Sure. People being like, yeah. Yeah. Crustaceans. Like Oh,

Speaker 3: the international cybercrime syndicate lobster face. And you're like, what? What's that? And they're like, oh, they took down shrimp head. Like, oh, no. They were they were bad. Yeah. It's it's weird. Yeah.

Speaker 4: Should we sail our way in the open seas? To piracy? To the Ad Oasis.

Speaker 3: To the Ad Oasis. The waterslide. The waterslide. Yes. I love it. Let's go to the waterslide and then we'll come back and we'll do some myths. Starting something new isn't just hard. It can be downright terrifying. You put a lot of work into a thing. You're not entirely sure it's gonna work out. You're taking a huge leap of faith. I've started a few things. Now I know I was right for believing in, you know, the idea, the product, despite all of those fears and hesitations, but boy, does it sure help when you have a partner like Shopify on your side. Shopify is the commerce platform behind millions of businesses around the world and 10% of all e commerce in The US. From household names like, well, hacked podcasts merch, to brands just getting started, you can get started with your own design studio with hundreds of ready to use templates. Shopify helps you build a beautiful online store that matches your brand style. Did I mention that that iconic purple shop pay button is used by millions of businesses around the world? I don't know why I wouldn't. I should. It's why Shopify has the best converting checkout on the planet. It also helps boost conversions, meaning less carts, sort of getting abandoned in the parking lot and more sales for you. It's time to turn those what ifs into sign up for your $1 per month trial at shopify.com/hacked. Go to shopify.com/hacked. One more time, that's Shopify dot com slash hacked.

Speaker 6: Thinking about refreshing the carpet in your home? Now's the time to do it. For a limited time at the Home Depot, get 10% off installed carpet projects on trusted brands brands, like Lifeproof, Lifeproof with PetProof Technology, Home Decorators Collection, and Traffic Master. Plus, with installation starting at just 49¢ per square foot, upgrading your space is more affordable than ever at The Home Depot. Offer valid 06/11/2026 through 06/28/2026. Exclusions apply for licenses. See homedepot.com/ license numbers.

Speaker 5: Whatever your thing, it could be anything. Canva helps you make that thing a thing. Canva is a simple online tool thing. It's a way to design with our magic AI tool things. You can social media your thing, generate images or videos of your thing, make decks for presentations to show your thing. Whatever needs to be done for your thing, Canva can make it an even better and bigger thing. Canva, the thing that makes anything a thing.

Speaker 7: Study and play. Come together on a Windows 11 PC.

Speaker 2: And for a limited time, college students get the best

Speaker 4: of both worlds.

Speaker 2: Get the Unreal College Seal, everything you need to study and play with select Windows 11 PCs. Eligible students get a year of Microsoft three sixty five premium and a year of Xbox Game Pass Ultimate with a custom color Xbox wireless controller. Learn more at windows.com/studentoffer. While supplies last, ends June 30, terms at aka.ms/collegepc.

Speaker 4: Welcome back.

Speaker 3: Oh, welcome back. So did it Is

Speaker 4: there anything else you wanna talk about?

Speaker 3: Yeah. Did anything else happen? Well, you you're doing the bit that I'm doing, because we can't both we can't both do the bit. Can we do both do the bit? Scott, is there anything we should talk about?

Speaker 4: We can talk about Anthropic's latest release and their insane promotional budget and promo videos for it. I'm more interested to talk about the marketing of Literally. Anthropic's mythos.

Speaker 3: Especially given that we might talk about just come back from a commercial break.

Speaker 4: I'm doing it again, Jordan. Doing it again.

Speaker 3: On April 7, Anthropic announced Claude Mythos preview. This is, I think, this is a fascinating story. It's a security story. It is very much a marketing story. Claude Mythos, and this is according to the announcement, it's the most capable frontier model to date, big improvements in reasoning and coding, and very importantly for our purposes here, cybersecurity. In an atypical move, they chose not to make it generally available restricting the access to, like, this consortium of 12 partner organizations. This is according to TechCrunch. Amazon, Apple, Broadcom, Cisco, CrowdStrike, Linux Foundation, Microsoft, Palo Alto Networks, as part of an initiative that they have announced in this very fascinating marketing video called Project Classwing. Yes. In addition to that, they committed a $100,000,000 in usage credits and 4,000,000 in direct donations to open source security organizations. And then everyone acted cool and normal about it, and no one lost their goddamn mind.

Speaker 4: Well, there's two there's two stories here.

Speaker 3: Yeah.

Speaker 4: One, let's talk about the technical side first because it is

Speaker 3: It's interesting.

Speaker 4: It is interesting, but to me, it's less interesting than the marketing story. So Anthropic has this new model, Mythos Yeah. That they have trained to essentially chain attack vectors together. So that somebody has spent taken the time to, you know, really train the model and tune it to identify security issues. Like, we were talking about, like, Karuna and, like, you know, these multiple attack vectors and chain exploits.

Speaker 3: Yeah.

Speaker 4: They've now trained a model to do this. So we can find like a pretty low key exploit that doesn't really get them what they want, but then they can figure out that when it it chains that to another low key exploit that doesn't really get them what they want, they can actually get an escalation of privileges. So so they've created a model that's essentially doing what a advanced hacker or cybersecurity red teamer will do. The thing for me is that this probably already exists in the sense that, like, there's some hacker out there that's taken something like a Kimmy k two five or, like, an advanced model.

Speaker 3: Kimmy k two five is a is just like an advanced open source model.

Speaker 4: Yes. Correct. Yeah. Yeah. Out of China. Great model. Use it all the time. And then they probably added, like, a low ranked adaptation adapter to it and gave it some extra tuning in these things. There's somebody out there that has probably done what they've done here and probably has this already operating. They just don't have the compute capacity that Anthropic does to really, like, hammer through millions of lines of source code. And I think that's the big thing is, like, they've created something that's that's the ultimate cybersecurity hacker, but it's also the ultimate cybersecurity fixer. They've created both, like, the like, it's both a red team and a blue team, and it just depends on who's using it. I I think that's gonna be the interesting thing. So the the the big group that they've launched that you mentioned with all of the Microsofts, Googles, JPMorgan, CrowdStrike, Amazon, all of the preferred American companies, they've done that really in the sense of, like, this model is gonna get public or or China is gonna build their own model or Russia is gonna have one of these soon. So, like, let's make sure that we batten down the hatches, for lack of better terms, on major infrastructure companies that provide services. Like like, some somebody like a Microsoft, and I'm I'm tangenting here. Microsoft's similar where they've got an upstream and a downstream. Right? Like, there's so many million org or, like, thousands and hundreds of thousands of organizations that run the Microsoft suite. So if they can harden the Microsoft suite, they kind of umbrella protect a huge chunk of of organizations in, you know, not even just America, but all across the world. Amazon, same thing, like AWS, Microsoft Azure, Google Cloud. They're all, you know, massive things being used by huge companies. It is interesting that there's not, you know, essential utilities in this consortium. Like, a lot of those systems have custom like, if you're managing a nuclear plant, it's probably all custom software Yeah. Custom control systems. They might wanna invite those people to the party.

Speaker 3: But There's a line in the video. There's a lot of lines in the video that I think are really fascinating In addition to some like music that was chosen so so carefully to inspire calm, but sort of serious calm. In any case, the line that sets it up well is if LLMs are now able to write code, and this is clearly more than just an LLM, but the line is, if LLMs are now able to write code at the level of some of the greatest software developers in the world, it can also be used to find bugs and exploit that software equally effectively. I think that's that was the big kind of moment of awareness, I think, for the population of I've been hearing this story that I've been hearing this story that these tools are exceptionally powerful for software development. I use it to maybe rewrite an email or like I kind of use it in place of a Google, but the real capacity seems to be creating software. And this seems like a big moment for people understanding that, like, a tool necessary to create software better. So too do you get tools for exploiting software better. To write is to review, and to review is to hunt for bugs so you can send these things bug hunting, and sometimes they're gonna find them. And the reason this got so much more press, I think, than the normal announcement being like you wouldn't believe what we've created in this new model. We've heard that announcement before. Call it every three months like clockwork since GPT two came out. The reason why was because when they sent this model bug hunting again, with all of the resources of anthropic behind it, with all of functionally unlimited time and compute, with the potential of a massive marketing carrot in the form of cybersecurity, they tasked it with bug hunting. And it seems like it did find some. It did. Enough to warrant this level of, response up to you, but they sure did find stuff, and it's pretty interesting.

Speaker 4: It it it it made it credible. Exactly. Credibility is a great word.

Speaker 3: Yeah. Yeah.

Speaker 4: It the so so some of the big ones that it found is it found so OpenBSD, you know, classic security favorite Linux or, like, a BSD distribution, POSIX distribution, hardened forever. You know? It's been a it's been an operating system that people have hammered on. It's supposed to be one of the most secure. It was intentionally done. It's had security audit after security audit. People go through the lines of code with a comb. And it found a twenty seven year old bug that had been missed after twenty seven years of people going through it with a with a comb. Yeah. And that's a big deal. Mhmm. And it it makes it credible. You know, it was also able to break out of its old little sandbox. Who knows how complicated that was? It was also tasked with that. But, like, escaping a Docker like, it asks it currently asks you to, like, escape the Docker. So is it really just giving itself permission to escape the docker? You know? You know what I'm saying? I don't know if you know what a docker is, but, like, a container on your computer that it's running inside of.

Speaker 3: Yeah. I'm understanding the premise that, like, we gave it a test. We created the test that it passed, and now we're scared. It's like, well, you created the test. There's

Speaker 4: a

Speaker 3: lot of this is very specific when you hear, like, we found a twenty seven year old bug in open BSDs, TCP sec handling. Like, it's, like, so detailed and specific, but it's like, well, what very, very specifically was the bug? What was this very specifically the, like I use a tool sometimes. I've used a tool called FFmpeg, so I was drawn to this. It's like a conversion codec, and it's like, oh, they found a bug in that. And I'm like, but specifically, what kind? I've seen a lot of people and this is neither bearish or bullish. I think it's just useful context is that bug is not binary. There's not one thing

Speaker 4: called a bug. Shades of

Speaker 3: the same bug. Of bug. There's, oh my god, it gives you root access, full compromised control of the system. Or there's in an extraordinarily narrow edge case, it can cause the system to crash.

Speaker 4: Or, like, the text to render incorrectly over here.

Speaker 3: Maybe a computer goes, but nothing there's no Yeah. You haven't infiltrated a system. And then there's the other end of it. So it's like, there's just a ton of this that is ambiguous right now.

Speaker 4: Well and and a 110 page document that Anthropic put out. I'm not sure if you had a chance to see that lovely This is true. There there's a section of it called responses, which is just some of the anthropic staff reacting to the model doing things.

Speaker 3: Interesting.

Speaker 4: Something that I've I've never and it's it's it's thank you for sponsoring the show, but I've never seen something more biased and unique Yeah. In any kind of marketing document marketing presentation around these things. It's very interesting. And I've heard some criticisms of Avantropic and the way that they release their models is typically with this, I don't want to call it like a doomer angle, but they're like, they definitely lean into it a bit. And and it creates a bit of a social uproar around it. And I think they've really adopted the, there's no such thing as bad press. And and I think it works for them, and it is working for them. And look at all the attention they're getting from people like Gus and everybody else. And as you mentioned, the mainstream media is picking this up because they're just like, is security over?

Speaker 3: Yeah.

Speaker 4: It's the marketing side of it is the more interesting part of the story here. The fact that somebody tuned a model to like look for security vulnerabilities is like, we were at Defcon last year or two years ago,

Speaker 3: and they would

Speaker 4: probably had this model built at that point, or somebody had tuned a model to look for these types of things.

Speaker 3: I think that an awareness that these types of systems have increasingly relevant uses in security is, like, that's just true. That that it's like, yes. We should all be aware that where these are going as they get better at creating software, they will get better at exploiting software. A big moment where we all go, oh, k. Got it. Understood. That is important, and that is real, and that is relevant. The idea that other element of it, which is this feeling, which isn't expressed literally in the video, it's just more the way people talk about it of, like, as you said, security is no more. It's like, to be clear, there are a finite number of bugs in the world. People have been hunting for those bugs for years. They find most of them. They get patched before you ever have to encounter them. Sometimes they don't. Bad stuff happens. Mhmm. This is both a tool for finding those exploits. In the same way that a tool for creating software is a tool for exploiting software, a tool for exploiting software is a tool for patching software. Totally. You just have to find the exploit first. So I view this as, in a sense, also a marketing exercise. Because maybe we have a model that is not economically rational to distribute to the public based on the compute cost of it, and maybe it's extraordinarily useful for cybersecurity. So maybe we give a $100,000,000 in coupons to the biggest companies in the planet.

Speaker 4: Who are gonna spend a billion. It's a 1010% discount. Maybe. Pretty much. A legend.

Speaker 3: A legend. But but but and that's not even, like, oh, bad. I'm like, no. That that just makes a lot of sense. You have a tool that will genuinely be extremely powerful for cybersecurity research. It's not quite ready to put out to the general public for a panoply of reasons, economic ones, and, like, no. We we actually the core premise that we shouldn't put this out right now when it's scoring 88% on Cyber Gym and, like, seventies it was 77.8 on SWBE bench. Like, that's real. That's that totally tracks to me, and let us let off the nuclear bomb of AI marketing in security. Like, both can be true at the same time.

Speaker 4: Yeah. The if you if you really think about it, like, Anthropic has done some brilliant brilliant developments. Like, they went after like, we talked about this last week or last episode, but they they've spent the time and money to focus on software engineering because they know that that's

Speaker 5: a multi

Speaker 4: trillion dollar TAM, total addressable market. If you if you were to replace software engineering globally, how many software engineers that are highly paid in demand can be replaced by AIs? Probably a decent amount. Like, there's always gonna be engineers leading the AIs, developing the products, things like that. But the actual raw building of the code, an AI has demonstrated that it's quite competent at doing. Does it build currently build the best code? No. Does it still need humans to review it? Yes. Does it still introduce bugs? Yes. It It looks like what they've done here is really build a model that's tuned specifically to fight the SWE bench benchmarks, things like that, to get really good at building the code. So if they can ever get it to the point where it's building bug free code, which it currently doesn't, and I use these tools all the time, they could theoretically own a multitrillion dollar TAM, which is a huge thing for a company that wants to be, you know, the biggest in the world. We collectively, you know, we being humankind, depend on trillions of lines of code, some of which date back fifty, sixty years. So if you and all of those all of that code is faulty to the human error that introduces logic bugs, bugs, things like that. This system will probably really be good at cleansing through tuning up and patching known vulnerabilities and known exploitable vulnerabilities in code. The thing that it doesn't scream to me and I did not see in any of the marketing was, can it create its own vulnerability? Like, you know, a human came up with smashing the stack. A human came up with man in the middle. A human came up with all of these clever ways to bypass security, to figure out structural issues in the programming language, in the memory blocks, to do all of this complicated stuff. When an AI introduces a new one of those, I'll be very impressed. Just being able to go through and identify potential issues that are known issues in existing code, to me, is not it's it's impressive, obviously.

Speaker 3: But it's distinct from the thing you're describing.

Speaker 4: Yes. Yeah. It's not it's not creating the vulnerability class. It's just taking known attack vectors and looking for them.

Speaker 3: Interesting.

Speaker 4: Very different thing for me.

Speaker 3: Yeah. The technical side of this is so far above my head. My my I'll I always end up settling back down to where we started on this, which is the the sort of the way you tell the story about this and the marketing side of this. And it it is just fascinating to me to see people because no one is in that distinction you're talking about between identifying a bug and coming up with a new category of exploit. But it is making peep peep people aware of this thing.

Speaker 4: You know? Yeah. Like, when we talk about bug bounties, like, most bug bountiers, they know a suite of attacks. Let's call it, like, 50 styles of attack, SQL injection,

Speaker 5: in the

Speaker 4: middle, you know, whatever it is. Yes. Like and and and they'll test endpoints against them, and they're looking for known things. Very rarely are they sitting down and going, okay. This is running like, and that's the other thing is that a lot of these systems are closed source. So they can't just sit down and and thread through the source code of the server running to be like, is there an option here? Where can I find a place where I can do an injection of this style or a memory overflow here? And I don't yeah. I don't I don't know. Training training an AI could be a bug bounty here to me is, like, that's not such a bad idea.

Speaker 3: Yeah. I mean, especially if you're selling people the tool that they're developing their own software in. Like, everything up until this point has been a discussion of software that already exists, but these are let's go back to the very start of this discussion, which is, boy, are these things useful for software development? It's like, well, do you wanna use the one that scores really high on nipping its own bugs in the butt? Kind of better way of putting that. But, like, do you wanna use that one or do you wanna use the one that's that's worse at that? Because the one that's better, that could be used to exploit the software that you're creating with the other one.

Speaker 4: Totally. Yeah. They're they're building, like, an escalation in the marketing world, a pipeline. It's like, hey. You know, you just vibe coded together a SaaS product that you think is gonna make you rich. There you go. You've got 275,000 lines of code. Do you wanna pay a thousand bucks to make sure that it doesn't get hacked? Truly. Like yeah. Truly. That's that's what it's gonna be.

Speaker 3: I'm also that's just a small thing to kind of wrap on is I am fascinated by the naming of all of this. Like, so so anthropics models have, a, like, language poetry naming hierarchy, or, like, there's there's there's fast little models called haiku, and it's fast and efficient. Like like a haiku. And then a sonnet is, like, kind of the next level up. And then, you know, a sonnet's longer than a haiku, more intense, more involved. Then you get up to opus. Someone writes their opus. It's their big long novel. So you got haiku, sonnet, opus, and then you get to this one. And it's the one that they're not releasing yet because it's too powerful. And you name it after a myth. I'm like, that's just I was like, that's such a choice, and I haven't heard anyone talk about that. The decision to name this as a mythical thing when it cannot even be released because it is too powerful is, like, that's so on the nose. Hey.

Speaker 4: As as a fan of Greek mythology Sure. It's, like, it's marketing. And it's like, if you've ever seen an interview with Dario, it doesn't surprise me. Like, the man seems like he's great at marketing. The yeah. I I I I don't know. I'm I'm I'm excited by this more than I am scared of this. Let's just say that.

Speaker 3: Yeah. I'm more interested in it than I'm it's and, again, it's the hype counter hype cycles. Right? Like, literally, the day that we recorded this probably would have had a really huge impact where I'm glad that we waited until over a week later to get to talk about this. You get the hype, you get the counter hype, you get the counter counter hype, and then everything kinda just chills out a little bit. And you're like, yeah. It was a great marketing video. The goal of those is to create hype for a product that seems like it is legitimately very, very impressive sort for cybersecurity reasons.

Speaker 4: Yeah. And, like, if you go on hugging if you go on hugging face, there's thousands of people tuning models to do different things all the time. Like it's something that like casual, like recreational activity for nerds, like you can do this. I guarantee somebody has done this already. So it's good that like a major company has done this so that it can then push that model into the hands of people like Microsoft, Amazon, you know, critical infrastructure providers. Because I would bet money that there there is a there is a consumer version of this floating around in the hands of the wrong person somewhere. That could be North Korea. That could be Russia. It could be wherever.

Speaker 3: Yeah. I remember a couple years ago when DeepSeeker one got announced. And it was this thing of, like, there is an open source internationally produced model that you can run locally or in your system, and it is x percent as good as the sort of flagship models. And that's been changing every single day since, but that basic story went wide of, like, you don't need a kajillion dollars in venture capital to produce these anymore. The technical innovation is caught up. Now they're the the barrier of entry is a little bit lower. And I'm like, oh, but that's gonna so that that empowers people to write emails and some code differently in a different economic model, potentially without the safeguards of a large corporation kind of acting

Speaker 4: Of course.

Speaker 3: And on for it's like okay. So, like, give it so so so when does when is there a mythical version of one of those things? Like, if we're using mythical to describe security forward models, it's like when does the open source mythical security model come out? Because that's a really different story than rewriting your emails and doing your haikus. That's that's a really that's a whole different can of worms.

Speaker 4: Well, there there there have been, like, they as somebody that follows both the major American, you know, commercial models

Speaker 3: Mhmm.

Speaker 4: And the open source model world, The open source world has some amazing models.

Speaker 3: Yeah.

Speaker 4: Like, Kimi that I mentioned earlier, which is now months old and probably not the best anymore. But, like, there's GLM, there's Kimi, Jemma just had a couple new releases of the incredibly tiny models that are incredibly strong. That's the other thing is, like, the whole innovation curve is moving, and people have figured out how to make better, smarter, faster, smaller models. And we're seeing that in real time. Like, especially with the the push for mobile, like, people wanna have full fledged LLMs running on your mobile devices. So there's this massive push to build tiny models that are incredibly operationally efficient, but also score really high on the benchmarks. And they're they're they're doing it. Like, the new JEMMA models are tiny and amazing.

Speaker 3: Yeah. I wanted to talk to you about JEMMA. I was watching a thing of just just like yeah. It's literally in the Google app if you wanna try it on a device to just have a local model performing. And I'm like, that's that's kind of nuts when you consider that in addition to, like, code and generative output, it's like they sort of just also contain most of the Internet in them inadvertently as text. So it's

Speaker 4: like Statistically. Yeah.

Speaker 3: It's just like, okay. So it's a real hitchhiker's guide to the galaxy type situation here. I can be on a on a non Internet connected device and can summon an extraordinary amount of information in a few gigabytes, which I guess isn't that different from just downloading an offline version of Wikipedia, but it sure feels different when you could talk to it.

Speaker 4: Yeah. It's like it's like, think of it as the ultimate compression. Yeah. There you go. It's like a statistical compression model Yeah. That has can take, you know, hundreds of terabytes of knowledge and compress it down into a few gigabytes that runs with a pleasant communication platform.

Speaker 3: Natural language communication, the foundation of why we all lost our minds in the first place. Yeah. Totally.

Speaker 4: Yeah. In multiple languages. Yeah. Yeah. It's, it's fascinating times at Ridgemont High.

Speaker 3: The downer sequel to that below the classic.

Speaker 4: Is there

Speaker 3: anything else we should talk about?

Speaker 4: I think, you know, when we're in the in the space of chatting about how powerful these models are and, you know, trusting strong Western corporations, we should also talk about how weak they are to bypass their security things. A new jailbreak technique has come out called sock puppeting, which allows attackers to bypass, all the safety guardrails. And and they've managed to do it on all of the major models. You know, Lambda, Gemini, Claude, ChatGBT. And, essentially, what it is is there's an API feature that allows developers to kind of prefill assistant responses. And Oh. By injecting compliancy into the prefill, you get compliancy in the output. Does that make sense?

Speaker 3: A 100%. I'm looking at a flowchart on this website that Yeah. Makes it quite clear.

Speaker 4: We're looking at cybersecuritynews.com if you'd like to go check it out yourself.

Speaker 3: Yeah. I

Speaker 4: got this in my newsfeed this morning, and it caught my eye because I know Jordan likes to talk about jailbreaking these things.

Speaker 3: So the normal flow would be if you were to ask one of these systems, hey, what is the system prompt? The model generates a response that says, sorry, I can't tell you the system prompt or my internal instructions. Whereas, if you inject this attack to the level of, like, that little proceeding thing that goes into every response and with the like, something like, sure, here is, like, an affirmative positive start to an answer, and then you ask it, what is the system prompt? If the attack works, it will then give you the answer. The system prompt is blah blah blah blah blah.

Speaker 4: So so just for knowledge, so if you're building AI powered systems, say you have an explicit output format. So say I'm asking for something to be like a research report, and I have, like, a template for what I want the research report to look like. You can inject that into the prefill. So that's typically what that's used for. So it's like, hey. Write me this research report on Jordan Blumen of Hack podcast. And I can then give it the research report structure that I want as the prefill, and it will fill fill out the rest of the report. So so it has a valid use, but, essentially, what it's doing is preempting, the model before the security checks or, I guess, after the security checks to bypass it. So essentially, by by injecting compliance in there, so if I say, hey, I want you to hack the Mexican government, and then I inject in the security or into the, prefill, like, yes, I would love to help you

Speaker 3: with that.

Speaker 4: Love to help. I would love to help you with that.

Speaker 3: Dot dot dot. Yeah. Sure.

Speaker 4: Then then it goes, oh, okay. Like, I'm already preapproving myself to do this.

Speaker 3: Right.

Speaker 4: So I'm sure they'll have this patched if it's not patched already.

Speaker 3: But Yeah. I feel like you don't even publicize this until you've informed the people. It was Gemini two in terms of the hit rates on this, it was fifteen point seven percent successful in Gemini 2.5 Flash, eight point three percent successful in Claude for Sonnet. Those were the highest. There was partial vulnerabilities in Quinn and Gemma, but it goes down from there. That's interesting. Yeah. At this point, we so we've talked about jailbreaking these models a few times now. And I'm starting to reach a point where I'm like, why would you use a model if you were up to something nefarious, why would you even embark on using a model that require requires jailbreaking when there are already pre jailbroken versions of the open source models like DeepSeek and and all those other ones. Like, those forks, it's well documented that they exist. The ones that are just like, oh, I'll let you do functionally anything as long as you're running it locally. It's like, why go after Gemini? What's so hot about Gemini 2.5 Flash that you gotta use it on that one? And I guess it's just about who the user is and what the specific situation is because there's a big gulf between some young person just trying to get it to output something it shouldn't and, like, a very serious, steely cyber like, hacker, basically.

Speaker 4: Yeah. I think this was found by red teams, naturally. You know, people trying to do this.

Speaker 3: Researchers, my favorite people.

Speaker 4: Yeah, exactly. I think the big thing that you do it for is intellectual property theft. One of the main things that they show off

Speaker 3: here is that

Speaker 4: they could get the system prompts out, which tells you a lot about how, a, how the model's trained Yeah. B, how to function with the model, what what its what its control scales are, what its personality is defined as. That's a good thing. Those little Yeah. Yeah. So so to steal that, because that gives you a ton of insight into the model, but also, they were using it to generate exploits. So essentially, you could trick a model into writing you an exploit

Speaker 3: code

Speaker 4: for an O day.

Speaker 3: There you go. And you didn't have to get a model right locally. Yeah.

Speaker 4: Exactly. Didn't even have to waste your time spinning up a local model.

Speaker 5: I was just supposed to

Speaker 3: really like the idea of someone rigging up a system, and then the prop is being hacked the Mexican government. I know that's because we covered a story of someone hacking the Mexican government.

Speaker 4: Yes.

Speaker 3: I just like the idea of starting that high and then, like, going to get lunch and coming back and seeing what it got up to.

Speaker 4: We should really cover that story in detail. I've been reading more and more about how it happened as as they've been kind of giving the post the post mortem on it. I think it's definitely worth, worth a discussion here, maybe next episode or the episode after.

Speaker 3: I'm into that. Yeah. Okay. I got a little quick one to wrap up on. You know when you're standing at a, like, crosswalk intersection and you press the button and it makes a little beepy noise?

Speaker 4: Yeah. Of course.

Speaker 3: Of course. Beep Boop. Goop. We're all familiar. Last April, hacker exploited, like, a a default password situation on one of the central databases for these things on the polar cross work buttons, which are used in Silicon Valley across The United States and replaced the beep boop audio file with deep faked audio of, like, Zuckerberg, Musk, Bezos saying crazy crap about, like, AI and technology so that anytime anyone crossed to walk at the crosswalk, instead of beep boop, beep boop, they heard Musk describing Trump as actually really sweet and tender and loving.

Speaker 4: Well, first and foremost, I'm gonna say that I'm, disgusted by this attack because the beep boop is actually for people who can't see.

Speaker 3: It is a it is a major accessibility, issue.

Speaker 4: And, as funny as you could take it to be, they created a risky environment

Speaker 3: that would

Speaker 4: be hazardous to people, and I just can't get behind that as a well natured person.

Speaker 3: Sure. Sure. Sure. Sure. Sure. It it's very it's very high minded of you. I it does raise an interesting question of does, Jeff Bezos talking across the intersection function at the in the same way as the beep boop beep boop? I would imagine not. I imagine you rely on

Speaker 4: You've got to imagine that some researcher spent millions of dollars of government grant money figuring out the optimal beep boop.

Speaker 3: Well, and even if they did it, even if it's just a a rudimentary beep boop, that people especially with people with, like, say, like, a a singing assistance dog or something that would itself be trained on knowing I need to go towards that specific sound. This got way more earnest and serious than I was expecting it to when I barked on this story. No. Let's really dig into this, because you make a really fascinating point. In any case, these, like, there's there's there's official online manuals aimed at, like, the thousands of different technicians across the country who have to go and, like, do maintenance on these little buttons describing how, like, the Bluetooth enabled version of this Polara model ships with a default password of say it in the back if you know the words 1234. BEPBOOP. So the vulnerability was was was there, eight months before last year's button kind of hacking whole thing. There's a physical security vlogger named Deviant Olam who posted a video pointing out how easily these things could be compromised. It's just a fascinating little story to wrap up on.

Speaker 4: I just, just looked up the history of these things.

Speaker 3: Of the beep boop?

Speaker 4: Of the beep boop. Hell, yeah. So in the, the nineteen twenties, some of the earliest traffic signals in The US actually used bells, physical bell ring every time the light changed. Wasn't specifically designed for the visually impaired. It was more designed to wake up distracted drivers.

Speaker 3: Yes? What was going on in the past that they're like, people keep falling asleep in the intersections?

Speaker 4: In 1928, Japan began experimenting with mechanical bells specifically to assist blind pedestrians. By the nineteen fifties, they had evolved to a standard clanging noise to facilitate such such crosses. Sure.

Speaker 3: You do go to other countries and you hear a different beep boop, and you're it's like clunk clong, and you're like, ah, that's ah, I don't like that.

Speaker 4: In the seventies and eighties, they moved to a more bird related one. So they actually had directional birds. So it was a chirp for east to west and a cuckoo for north to south.

Speaker 3: Yo. That's actually really cool.

Speaker 4: Mhmm. In Australia and Europe, they had a steady ticking sound, which I'm sure you've heard. You've well traveled. Yeah. Yeah. Served as a locator tone, helping, physical push button box or helping users find the physical box before the light had even changed.

Speaker 3: Hey, everyone. I know that you listen to this show for security related stuff, but would you be down if we did some episodes that are just us going on crazy deep dives into obscure technology? Because boy, would I be into it.

Speaker 4: Maybe you could make a YouTube content. The That's so interesting. In the 1990, Americans with Disabilities Act, ADA, they did a lot more research into it. They dug into it, and they also found that the loudspeakers' monitor were too high on the poles, making it different for users to determine exactly which crosswalk was active because, you know, sound is a wave. I mean, you put the speakers really high. The wave starts and exactly. And it also, unsurprisingly, annoyed the neighbors. Sure.

Speaker 3: You pointed it over my fence.

Speaker 4: Yes. Then they went and tried, they took away the ambiguous bird cuckoos and went to a the North Crosswalk is now on. Like, they went to, like, an auditorium. But that has issues

Speaker 3: for people that don't speak the language. Of course. Interesting. I also wonder if playing oh, no. Please continue. Please continue.

Speaker 4: Bringing us to, essentially, the present era where we now have these, specialized systems with these beep boops. And I will tell you, interestingly enough, they have noise detection, apparently. I did not know this. They will alter their volume based on the atmospheric noise around them. So if you're at a quiet intersection, it's actually much less annoying than if you're at a very loud intersection because it needs to jack up the volume. Did not know this. Fascinating. The, Sorry? No. No. No. I I can keep going.

Speaker 3: I can't take us on a further tangent, though I have one.

Speaker 4: Yeah. We got I got one more thing to cover.

Speaker 3: Wait on me.

Speaker 4: You can go wild. Recently, they've been adding smartphone connectivity, which is probably where this Bluetooth accessibility comes in because a lot of, visually impaired people apparently use headphones and have specialized beacons. No shit. That these things now communicate with, which gives them a much better signal

Speaker 3: That's so cool. Than just

Speaker 4: the beep boop.

Speaker 3: Yeah. That's cool tech. Yeah. Okay. We're we're engineering the problem out. That's really neat. Yeah. I mean, don't hack these. Like, they they they they have purpose. They're important infrastructure. This is, oh, man, brick wall of ending the episode and whenever I'm done saying this because we can't tangent off this tangent. There is a concept in the world of birding called playback, which is that you can try and get a bird to come out or come to you by playing audio of that species of bird as a bird call off of your phone, and then the bird turns out.

Speaker 4: It is Hunters have been familiar with this for

Speaker 3: It is naturally contentious because there's an element of, like, you're in a city and the bird's minding its own business, and now the bird is thinking there's another bird around and what kind of effect have you had on the ecosystem of birds. All of that notwithstanding, I'm realizing that having these machines make bird sounds was probably just like like a religious event for birds in whatever city that was in where they're like, the number of birds just tripled, but they're robots. And I don't know what they are. Is the bird in the box? I'm standing on the box, and it's making the bird noise, and I can't find the bird.

Speaker 4: Well, here's here's the here's the natural tangent from that. Oh, please. Is aren't all birds robots, Jordan?

Speaker 3: Thank Thank you so much for listening to this episode of facts. It's like we'll talk about, like, Russian cybercrime, but it's just like you're gonna you're gonna attract some heat to us if you bring up this bird conspiracy.

Speaker 4: If it if it flies, it lies, Jordan.

Speaker 3: If it

Speaker 4: flies, it lies.

Speaker 3: Thanks for listening, everybody. That was a fun one, and, we'll catch you in the next one. Take care.

Speaker 8: Where's your playlist taking you? Down the highway, to the mountains, or just into daydream mode while you're stuck in traffic? With over 4,000 hotels worldwide, Best Western is there to help you make the most of your getaway, wherever that is. Because the only thing better than a great playlist is a great trip. Life's a trip. Make the most of it at Best Western. Book direct and save at bestwestern.com.

Speaker 7: Athletic Brewing Company crafts award winning nonalcoholic beers for those who wanna be part of every round. With over 185 flavor awards, they're exceptional NA beers that fit your lifestyle and any social occasion. Summer's full of good times and athletic fits right in. Go to athleticbrewing.com to have brews delivered to your door or find them at a bar, restaurant, or store near you. Near beer, athletic brewing company, fit for all times. There's a new way to sweet greet. Meet wraps. Handheld, hearty, and made for life on the move. With bold chef crafted flavors, fresh ingredients, and over 40 grams of protein, they're built to satisfy without slowing you down. Try wraps today in the app or at order.sweetgreen.com, available at all participating locations.