Darknet Diaries - 172: SuperBox
Episode Date: April 7, 2026
What if there was a device which gave you endless movies and TV shows without ads? Ok great sign me up! In this episode we interview “D3ada55”, who found such a device, but as she gazed into it, she discovered it gazing back at her.
Sponsors
Support for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com.
This episode is sponsored by Meter, the company building networks from the ground up. Meter delivers a complete networking stack - wired, wireless, and cellular - in one solution that’s built for performance and scale. Alongside their partners, Meter designs the hardware, writes the firmware, builds the software, manages deployments, and runs support. Learn more at meter.com.
This episode is sponsored by Exaforce. Exaforce was created to handle the complete security operations workflow - detect, triage, investigate, respond. Exabots autonomously manage every stage, eliminating gaps between alert and action that slow down traditional security operations. And how it works is simple too: the exabots ingest all security data and then semantically connect it to understand the full context of security events and how they relate to each other. Learn more at exaforce.com/darknet-diaries.
Transcript
Hey, hey, it's Jack, host of the show.
I went to IKEA the other day to buy a lamp,
and when I went in,
I saw that they had a recall notice on the bulletin board.
Their garlic press was getting recalled.
They said that 10 people got injured using it,
and I think little metal bits would fall off and cut some fingers.
So they stopped selling it,
and were issuing full refunds to anyone who bought one.
And it made me think, hold on,
has this ever happened with computers?
Like, has a store ever recalled a computer because it was dangerous?
And what does dangerous mean?
There was a story that came out a few years back,
which was about a super cheap gaming computer that was being sold on Amazon,
but little did anyone know.
The computer came with malware on it.
People who bought it would get their crypto wallets drained,
their steam accounts taken over, and their email compromised.
The computers were made in China and came shipped with Windows 11.
But the thing is, the company didn't want to pay for Windows keys
so that they could sell the computers cheaper.
So they found a hacked version of Windows 11 installer,
which would bypass the whole license key thing.
But the problem is, the installer would embed malware into the Windows install.
So the seller didn't even know it had malware on it.
Amazon reviews started showing up.
This computer is unsafe.
Don't buy it.
One star.
And more reports came in about people saying that their computers came with malware on it.
And I mean, if you got a new gaming PC,
and during the time you were setting it up,
it stole your cryptocurrency,
took over your email and stole your Steam account,
how much would that hurt you?
How dangerous is that?
Would it hurt more than getting a metal sliver in your finger
from a garlic press?
I think so.
Yet as far as I know, computer shops,
such as Best Buy, Amazon, or wherever,
never issue recall notices for computers or tech,
which are malicious.
Retailers who sell defective items that are unsafe typically issue recall notices to buy back faulty items that are dangerous.
But I just wonder if a computer riddled with malware doing an enormous amount of harm to users will ever fall into the category of dangerous or faulty or harmful to retailers.
These are true stories from the dark side of the Internet.
I'm Jack Rhysider.
This is Darknet Diaries.
This episode is sponsored by ThreatLocker.
If you've listened to Darknet Diaries for a while, you've already heard of ThreatLocker.
I've talked about how they lock environments down, deny by default, zero trust, all of it.
But the problem they were solving changed because attackers changed.
They don't break in like they used to.
Now they just log in with real credentials, real sessions, nothing that looks out of place.
Once they're in, they're treated like they belong.
So ThreatLocker took what they already were doing and pushed it further,
with their zero trust network access and zero trust cloud access.
So now access isn't just about logging in, it's about the device, the connection,
and whether any of it should be trusted at all.
If you want to see what zero trust looks like when it's done right,
go to threatlocker.com slash darknet.
That's threatlocker.com slash darknet.
This episode is sponsored by Meter, the company building networks from the ground up.
If you employ and work with IT engineers,
you're going to know how hard it is for them to do their job well.
What your business needs is performant, reliable, secure networking infrastructure.
But what you get is IT resource constraints, unpredictable pricing, and fragmented tools.
What you and your engineers need is a modern platform you can all trust to support your business.
Enter Meter.
Meter delivers a complete networking stack, wired, wireless, and cellular in one solution that's built for performance and scale.
Alongside their partners, Meter designs the hardware, writes the firmware, builds the software, manages deployment, and runs support.
That means less time your employees spend writing to multiple vendors and more time working and improving your IT systems.
Meter's full stack solution covers everything from first site survey to ongoing support, giving you a single partner for all your connectivity needs.
Thanks to Meter for sponsoring this show.
Go to meter.com slash darknet to book a demo now. That's spelled M-E-T-E-R, meter.com slash darknet.
And go book a demo.
Today, I'm so excited because I finally get to talk with D3ada55.
It's good to see you again.
I know.
So we started, we started, I met you at DefCon like five, six years ago.
Like one of my first, like, ever DefCons, yeah.
It was your first DefCon.
And you messaged me like, hey, you want to meet?
Where are, can we meet?
So I got something to tell you.
I was like, yeah, where.
And this was back in the days where I actually checked my DMs at DefCon.
Now it's impossible for me to do that.
And so I was like, okay, go to the child zone.
That's what I'm wearing.
Okay, cool.
And then we sat down at like a couch.
And you're like, okay, I got something.
And it was still hush, hush.
I was like, what is going on here?
And you had, you had, I won't give names here, but you had a contact with somebody who you knew had a good story.
You're like, I can connect you with this person.
I was like, great.
And we did.
We connected and we had conversations.
So thank you for that.
Yeah.
And so that's where we first met.
But then I just watched you have talk after talk.
And I learned more about you.
Like, at the time, you told me your name was Deadass.
And over time, I've just learned that your name, you really should be called badass.
You're really, like, I think even back then you were working on all kinds of really cool projects.
Do you want to give us a background of just like your tech career?
Yeah.
I mean, it's kind of, I'm very much the textbook definition of non-traditional background as far as technology is concerned.
Like I have an English degree.
I went to Berkeley for rhetoric and propaganda.
It wasn't.
Okay, so I heard that today.
Yeah.
We're here at CactusCon and I just heard your talk,
but you did say that you have a degree in rhetoric and propaganda.
Is that true or was that a joke?
That's like legitimately, basically what the degree was in.
It was all about like understanding argument,
understanding like the rhetorical devices and tools.
And so I hyper-focused on the efficacy of propaganda from that.
And that actually is what informed when I started looking at the topic of my talk, why I knew there was something weird about it.
Like, it kind of like touched that part of my brain and I hadn't really seen anything like this yet.
So you, that was a career path for you.
I want to go into propaganda.
Well, more so I want to go to law school, or at least I thought I wanted to go to law school at one point.
And then, like, you know, the bay is expensive.
Life is expensive.
And then I, you know, built my first computer and I was like, oh, wait, I can do this for like a job.
Why was I not just doing that?
So you got into tech and then give us kind of a potted summary of some of the tech roles you've had.
Yeah, so I've worked at some of the biggest names in security, so Palo Alto, Google, Apple.
I've already been kind of around the valley, as they say.
And now I'm over at Censys.
Oh, yeah.
What do you do at Censys?
I'm a senior sales engineer, so not even like a researcher.
I just do research for fun.
But the thing is, a few years back,
Deadass discovered something that was like discovering something you weren't supposed to see.
A discovery which would send her down a rabbit hole that would take her years of research to get to the bottom of.
And it all started at her dad's house.
Without giving away too much, he's one of the senior people at his oil and gas company.
Okay.
And so you go to visit him and...
Yeah, so my dad is very...
I don't want to say nonchalant, but he's like he's chill, right?
Like, he's a very chill kind of person.
So for him to be excited, I was like, oh, well, what are you excited about?
Like, you're very deadpan.
Like, you don't get excited.
Her dad was excited about all the channels and shows and movies that he could get on his TV now.
He's like, look at this.
I got hundreds of movies, full series of all the latest TV shows, thousands of channels,
sports, even pay-per-view wrestling matches.
You like wrestling, Deadass.
You would love this thing.
And he's telling me about it,
and he's like, yeah, it's just 300 bucks. It just works. It's called the Superbox.
And immediately I'm like, okay, this already sounds weird, but keep going.
So I ask, like, well, how does it work?
And he says, oh, it just works.
That's not what I asked you. I asked you, how does it work?
And so my younger sister was also studying cybersecurity.
She comes in and she says, oh yeah, the network's been really slow at the house ever since those boxes came home.
So that was kind of my final red flag to be like, I'm going to get one just to see what it's doing.
Boxes?
Yeah, boxes.
What?
More than three.
Why does he have so many?
Because they're convenient.
That's how they get you.
Oh, for each TV? Yeah, for each TV.
Okay. How did he get it?
Somebody at his job told him he needed to get one really, really bad, so he got one.
She takes one home to look at it.
She's not a researcher, so she's not sure where to start.
She knows enough that she should quarantine this thing, though.
So she put it in a separate network so
it doesn't learn about her home network or try to bother any of her other devices,
and she puts it behind a firewall.
Then she starts Googling where to start.
It was the weirdest question I've ever asked out loud,
how do I get PCAPs at the house?
Because I had to figure how to get packet captures off the thing,
and I'm like, how do you do PCAPs?
The idea was that when she turns it on,
she wanted to see where it would try to talk out to.
Who does this thing communicate with?
How does it send those packets?
So she learned how to do packet captures in order to watch this.
I got one of those Packet Squirrels from Hak5, and I had laughed to myself because I remember when I first came into security and thought I was going to be like a badass hacker.
I was like, oh, I'm going to get all this stuff off Hak5.
So I had one, and I hadn't ever opened it, and I learned how to use it.
And that was my kind of in-line packet captures.
So she gets it all set up, turns it on, and just lets it do its thing.
And she watches what it talks to.
The first thing it does is call out to Tencent, like just straight into it.
Like in China, yeah, like QQ.com.
Tencent is a massive tech company that owns QQ in China,
and it's not entirely unusual for something to be talking to it.
So at first I was like, okay, maybe this isn't that bad,
but then when you apply the rest of it, like, oh, you're an oil and gas executive,
somebody new told you to get this, the network's running really slow,
and this thing is talking out to China, right?
Like, it's all of that, right?
Individually those things don't mean anything, but when we're looking at this like strategically
or in a big picture, you're like, oh, I see.
But maybe she's connecting dots that aren't there.
So she keeps looking for traffic logs.
I'm kind of just watching the traffic, watching the traffic.
I would like turn them on for like a day, turn them off.
I'm looking at logs.
I'm kind of just trying to get a feel for what they're trying to do.
And then I get a hit in my vulnerability log, like in the threat log on my Palo Alto firewall.
and it's for a SCADA vulnerability.
A SCADA vulnerability?
This makes no sense.
SCADA is the control systems used in large-scale industrial settings.
Think pumps, valves, conveyor belts, compressors, elevators, railway switches.
This is where SCADA systems live.
Why in the world is this box that's here to deliver TV and movies
attempting to trigger a SCADA exploit on Deadass's network?
This is very concerning.
So she continues to look at the traffic this thing is sending.
She notices it's communicating hard with all the other devices on her local network.
Typically, a streaming box will not care about what else is on your local network and only
want to go out to the internet and get the content so that it can show it to you on your TV.
But this box was super busy feeling around to see what else is in her network.
Specifically, it starts ARPing out to any device in the same network as it.
So basically, ARP is when a device is like, hey, are there any computers on this network that
have the IP 192.168.1.10 or whatever?
And if there is a device that has that IP, it'll respond.
It'll say, yeah, that's me.
You want to chat?
Here's my MAC address.
And then it gives the MAC address.
So this Superbox was ARPing out to every IP in Deadass's network.
I would say it was almost more of like an ARP DoS because it was ARPing at things so hard
that they would like freak out and like lose their IP address reservation.
Yeah.
Really?
Yeah, they were just so chatty.
And that was also something weird to me because normal devices, like, they're chatty,
but they're not chatty like that.
Right? So it's this noisy thing on a network.
It's ARPing everything. It's sniffing around.
It's just way too interested in things going on on my network.
So this thing would ask, who has this IP?
And when the device with that IP would respond, then it would just continually ask again and again,
thousands of times flooding it with ARP requests until that device would get overwhelmed,
and go offline, which would then allow this Superbox to pose as that device.
It would change its own IP and MAC address to match that thing it just took down,
which is such a wild attack, to knock out other things and then pose as them
to see if they are communicating with anything more juicy.
Holy cow, this thing is scary.
So she keeps Googling this thing to try to learn more.
It looks like it's all been SEO poisoned because it's only places to buy the Superbox.
There's no negative.
Like, you can't even find Reddit posts even questioning anything about the Superbox.
The entire first page is where to buy and everything that's great about it.
Now she's getting curious.
Who makes this thing?
What brand is it?
Where does it come from?
One of the more common things a lot of us have probably done are like, what's this device?
What's its MAC address?
Who makes it?
I look into who makes it.
It's some weird looking, like website templated, just strange looking company called like
GBS Labs or something like that.
And it's basically a shell.
Like there's stock photos on the site and just all kinds of like the telltale signs of like,
we stood this up to look just legit enough, not actually be legit.
So I look into them as a manufacturer.
I'm finding like fake LinkedIns and all kinds of stuff like that.
So I'm like, okay, this obviously isn't real.
So I keep digging.
I get worried because as I continue to kind of acquire boxes, I got like a couple off Amazon.
I got one from Best Buy, one from Walmart.
Whoa, whoa, whoa, these things are available at Amazon and Best Buy, Walmart?
Yes, they are.
You could buy a Superbox right on these sites.
Yeah.
Hold on a second.
A bunch of pirated movies and TV shows.
It's sold in a box that you just plug into your TV,
and now you don't have to pay for cable or any movies.
That sounds illegal.
Yeah.
I mean, it is, but even on the box itself,
when you turn it on, it pops up a little disclaimer.
Here, I actually want to read to you the notice that pops up when you just plug this thing in for the first time. It says,
Thank you for choosing Superbox. Superbox is an empty and open entertainment device. Due to the nature
of this item, we are not in any way responsible for the content streamed or viewed by any user.
It is the user's responsibility to satisfy themselves that the sites accessed for streaming the
content to have correct copyright agreements in place and are entitled to the content.
The burden of determining this falls completely on you, the user.
Superbox in no way takes any responsibility for how you use this device.
Unbelievable.
Does that even work?
Can you sell a box that markets itself for having thousands of pirated shows on it and movies,
but then put a disclaimer up that says,
we're not liable for anything that you do on it?
I mean, they're doing exactly that.
So in theory, no, it shouldn't work, but in reality, yeah, it's working,
since this is for sale on Amazon, Walmart, and Best Buy's websites.
And I should mention that Amazon, Walmart, and Best Buy aren't listing this themselves.
These are third-party marketplace areas of the site, where anyone can go and set up a shop
on those sites and start selling whatever they want.
And while these listings would get removed every now and then, they would just come right back
up listed by a totally different seller.
Of course, eBay has them for sale too.
So as I start kind of looking around, I go into YouTube and I'm like, okay, Superbox.
And so I see, you know, a bunch of different influencers.
They're not like a Linus Tech Tips or, you know, some of these other bigger folks that have a huge following on YouTube.
These are folks with like sometimes like 800 followers, sometimes 50, sometimes, you know, 50K.
One guy had like pictures of like motorcycles and like his wife and like pictures of food and then just a hard right turn and he's now talking about Superboxes.
I saw one kid who was like talking about like speakers and then suddenly the Superbox.
Yeah.
So I'm like, that's really weird.
So obviously they had to be paying them.
And it took me a while to figure this out.
But I went way back to like a seven-year-old, like, Superbox video.
And this one influencer was like, yeah, they contacted me.
And they're offering me 50% of the proceeds of every device that I sell if I talk about this.
Whoa, so there's Superbox influencers out there.
People paid to spread this thing.
Gosh, this makes it a lot harder to control and stop this.
If they're being sold by random people just trying to make a few extra bucks,
it's almost like they have an army of marketers and salespeople.
They start appearing in weird places.
I start seeing it on TikTok.
They're on Facebook marketplace.
So I start getting even more suspicious because I'm like,
this has to be a whisper campaign because I'm not seeing it like,
I'm not watching cable television and there's like an ad for the Superbox.
And if that ever happens, like I'm going to just move out of the country at that point.
But I haven't seen that yet.
But what I have been seeing is, oh, check out the Superbox.
Here's YouTube Shorts about the Superbox, check out my TikTok, get it off my store.
So it's spreading.
And then I find out later that because of how they're using the reseller market, they're
like basically penetrating like the suburbs everywhere to get these sold and get these out
to people and get that kind of like foothold across the United States.
Holy cow.
These things aren't just spreading.
They're spreading in specific places.
Suburban families are getting them.
And why there?
Okay, let's think about it.
By targeting suburban families,
it's almost like a bottom-up approach to intelligence gathering.
Don't attack companies or even the government at the front door
where their strongest firewall and security controls are set up.
Don't even come in through the back door.
Instead, focus on the workers at their homes.
Because a lot of people bring their work home.
And if they can jump off this thing onto a work laptop
or find a VPN into the office from home,
then bingo, they just gained access to the corporate network.
Or even worse, it might hitch a ride in someone's backpack or pocket
and get plugged in at work.
So if this is a malicious device disguised to be a TV streaming box,
then yeah, targeting suburban family homes in the U.S. makes a lot of sense
if your goal is to try to set up a large-scale attack against major U.S. companies.
Jeez, that just gave me the chills.
At that point, did you have any guesses as to who might be behind all this?
So that's been kind of the weird part.
I mean, obviously, if it's talking to China, I just assumed China,
but it does look like there's a few layers to this.
Still trying to crack the code, but, you know,
a lot of folks here in the cybersecurity industry in the United States,
of course, we're very concerned about this because you can't really detect them on a network
unless you know what you're looking at or know exactly, you know,
where things in your network live and what the baselines are and what looks normal.
So if you're not using it and it's sitting there,
your traffic's going to look normal.
And we all stream and everything,
but what a lot of folks don't know is that with traditional streaming services
like a Netflix, a Hulu, whatever, when they ask you,
are you still there?
That's the bandwidth control.
So it's not just sucking up and chewing up the pipe.
These don't have anything like that.
They'll just keep going.
And then when you factor in the residential proxy stuff, that's a lot of bandwidth.
Oh, I see.
If thousands of these are in homes across America and those homes all have high-speed
internet, that means these boxes have quite a lot of bandwidth at their fingertips.
When you have control of that much bandwidth, then there's a lot of damage you could do with
just that.
So at this point, it's 2023.
Deadass has really started to get deep into researching this thing.
She learned that the operating system on this thing is just Android.
And not Android TV, just Android.
I looked at the Android information, and it was a patch from 2021.
Okay, so three-year-old operating system.
At that point, yeah.
And it's on purpose, because this was one of the ones that had a lot of holes in it.
When we think about, like, you know, not great Android patches that came out, 2021 was kind of a strange year for that.
And so I'm looking at that, and I'm like, okay, that's super, super weird.
I keep digging in.
I'm looking at the box.
I'm like, let's look through the apps.
Like, there's TeamViewer on it?
Right.
Like, why does that?
TeamViewer.
Okay, so TeamViewer is a way to remotely manage a computer.
Like, it allows you to connect to that thing
and control it as if you're sitting right in front of it.
So with TeamViewer installed on it,
that means that whoever is behind this
has a dashboard at their fingertips
of all the Superboxes out there
with TeamViewer running
and with one click, they could just jump right into any of them.
That's horrible.
Holy cow.
The idea that someone is inside your home,
looking around in your network and you have no idea.
No, no, no, no, no, I do not want this.
Burn it with fire.
Watching Reddit and stuff like that and people are like, is this thing too good to be true?
And so there was an account on Reddit that was created about at that time about four years ago,
which lines up with like kind of the initial timeline of everything we were seeing with this
starting about 2019, 2020.
And that account did not post a single thing for four years.
and then it pops up just to say,
I've had the Superbox for forever.
I get NFL, MLB, you know, Sunday ticket.
Like, this is the best thing ever,
like everyone should get one.
And then it never posted again.
So they're, of course, nudging it and trying to, like,
you know, prop it up in places.
I'm like, so this is, again, it's spreading.
People are talking about it.
But, like, I still have not heard a thing about it in the security community.
So I decided to do a talk on it initially.
And that was my first ever, like, technical talk at a hacker con.
I was scared to even get up there.
So she gave the talk at a BSides event, and the crowd was stunned with her findings.
Her talk was so scary. I think everyone after the talk called home to see if their parents had bought
one of these or installed anything like that, which reminds me, I need to call my dad to see if he
has one. Let me take a quick ad break real quick, but stay with us because everything got way more
serious after she gave that talk.
This episode is sponsored by Exaforce.
If you're a startup, all you want to worry about is growth.
But with growth comes an attack surface that scales as fast as you do.
What you need is a transparent security platform that adapts to your speed and maturity levels.
Exaforce was created to handle the complete security operation workflow, detect, triage,
investigate, and respond.
Exabots autonomously manage every stage, eliminating gaps between alert and action that
slow down traditional security operations.
Pre-built integrations and detections for AWS, Azure and GCP, and SaaS applications from
GitHub to Slack and more
protect you from the modern attack surface, which most traditional SIEMs overlook.
Plus, Exaforce shows the reasoning behind every automated decision, making it easy to audit,
tune detection rules, and understand what is going on in your environment.
If you want AI that grows with you, then check out Exaforce at exaforce.com slash darknet
dash diaries.
That's Exaforce spelled E-X-A-F-O-R-C-E.
exaforce.com slash darknet dash diaries.
Okay, my dad says he does not have one, but he says the guy at the gym has one,
and he keeps inviting him over to come watch shows.
Okay, so after that talk, what happened next?
How can I put this without sounding crazy?
Our government was very, very interested in knowing more.
I can put it to you that way.
Yeah, word got out, and an investigation was opened up,
and they brought her in to learn more.
If this is another nation trying to plant boxes and family homes across America
with malicious intent, then the Department of Defense was interested in knowing more.
But the thing was, because this was now an active investigation,
it meant Deadass had to be quiet about this.
So she wasn't allowed to talk publicly about it.
But it didn't stop her from researching it further and talking privately about it.
So for years she continued to research it and gave talks.
But every one of those talks had to be no cameras, no recording, no photos in order to keep this hush-hush.
And it's been driving me crazy since I've been attending her talks for years.
And I think it's such a good story to get out to you.
But she's never been allowed to be interviewed for it.
And that's why I'm so happy to finally, finally, finally get this interview to tell you her story.
But as it turns out, this wasn't the first time we've seen bad boxes.
HUMAN Security and Google and all those guys who kind of done the stuff on like, you know, the first Badbox.
And so, and they were sourced for a lot of the stuff on the second Badbox.
But we basically discovered that this thing was part of what's now referred to as the Badbox botnet.
Badbox botnet.
So we've been referring to it as Superbox this whole time.
Yeah.
Where's Badbox come from?
Badbox comes from the fact that there are just other Android streaming devices, and they're actually a lot cheaper.
And this was actually an anomaly that I noticed when I was looking at the Superbox.
They're like anywhere from like 30 bucks to maybe like 100 at most.
And so again, cheap devices, they're kind of everywhere.
They can get them out there pretty quickly.
And so a lot of those made sense already infected.
You know, the behavior looked the same once I started kind of like providing information and stuff.
And so we all came to the determination that it should just be, it's still Badbox,
but it's Badbox 2.0, even though we'd shut down the first Badbox.
And so, yeah, it's for any Android, basically, device that's like got malware or is beaconing out to interesting places, etc.
But the Superbox, like my focus on it is because it's $300.
And the rest of them are like $30.
So why is this one $300?
So she gave the authorities all the information that she discovered about this?
I provided, you know, network traffic, some logs, just things so that they could get an idea of what they were looking at, and I just kind of took it from there. So.
Okay. And then, and then for your own, you didn't stop with your own research.
Oh, no. I was like, we're not even, we haven't even scratched the surface.
I know. We're still like, at that point, I was just like, there's still more.
Like, I know there's still more because there were still so many unanswered questions,
like, okay, I get why it's beaconing. I get that it's talking to this IP. But like, again, why? Why?
So I keep digging. I just keep digging and I continue to dig and I continue to dig.
She got obsessed with this box and she knew she needed to skill up in order to research it better.
So she took some SANS courses, got her GCI certification, upgraded her tools and once again looked at
the traffic this thing was sending. She saw that it was talking to a lot of domains ending in dot TOP.
Like most websites end in dot com, but not this box.
It likes speaking to things in the dot-top domain.
Which like we all know there's nothing good for anybody at a dot-top domain.
Like, that's not for us.
Of course it talked a lot to the dot-cn domains too, which is clearly China.
She studied protocols deeper, domains, IP addresses,
analyzed the hardware, and the company that makes it all.
And she saw that this thing was just automatically downloading different apps and stuff for Android.
I was able to capture those and analyze those.
So that was new for me too.
Like I said, I worked in the SOC.
Like I did my little alerts and like, okay, escalate.
Like, that's all I used to do.
So to figure out how to, like, decompile APKs was like insane.
But like, I figured it out.
And I kind of started like looking inside of them.
And I'm like, oh, that doesn't seem right.
Like, you shouldn't be sending that in clear text or, you know, stuff like that.
So, I mean, there was just so much smoke, right?
Like, I knew there was going to be fire.
Because this thing is running the Android
operating system, it has the Google Play Store.
But of course, that's not where you'll find the thousands of channels that it says it has.
Instead, you need to basically rip out the Google Play Store and instead install something
called the Superbox App Store.
What got me is when I tried to download the App Store and my firewall basically showed
me that it was like a multi-layer encoded file.
So it was zipped up like six, seven times.
So that was weird because that's still not normal for an app store.
Like, I mean, if anything, like, you should just be using the Google Play Store.
It's an Android device.
But they have their own app store that you had to download and install to get access to their piracy apps.
And their app store looked nice and polished.
Oh, my God.
It's pretty brutal.
It's weird because you click on it.
It installs.
It turns blue, which I thought was just kind of funny.
I'm like, it's, why is it blue?
You click on it and it just has the three apps in there.
Like, there's nothing else in it.
So it's only so you can, again, get access to their stuff
and they want it to look as legitimate as possible
so people will use it.
You'll appreciate this.
So they're all running Android debug bridge,
which makes sense if they're, you know,
pretending to be an Android device.
Because it's not an Android TV device.
It's just straight up Android,
which is already weird from the other types of devices.
This was super strange to me because
there's no authentication on it.
I was able to connect just straight across the Android debug bridge,
and then I just typed in su for switch user,
and it gave me a root shell.
So you have root access to the Superbox?
I have root access to, like, the six that I have in my house, yeah.
And then I did finally dump the firmware,
and there's entire sectors missing off of the device.
Like, if you're looking at, say, like the structure,
like the boot structure,
47 partitions, but you can only see 15.
What?
Right.
That doesn't make any sense.
It's not normal.
That is strange.
Yeah.
I just assume that if there are partitions on it, but you can't see them, then that means it has some sort of software deep inside it.
And who knows what's going on in there?
What's in those partitions?
And how scary is it?
Nobody knows.
I'm also at the same time still digging into the shell company.
They have these weird, like, fake certificates of a whole award to look legitimate?
And I'm like, what even is, is that supposed to be like a
certificate of like authenticity? That's basically what they're putting out for the super
boxes to make them look legit. Yeah. So the packaging of this thing, you got a few, right? And so
what is it? Does it just look like a regular device or is there anything silly about it?
I mean, I look at it and I'm like, why does it look evil? Like it feels evil to me. Like,
if you ever like seen something, you're like, I don't like that. It kind of gives me those vibes.
but like it says 6K on the box.
6K.
Right.
Like what is what is 6K?
I must have missed that memo between 4 and 8K.
But yeah,
has 6K on the box.
And there's even like regulatory information like printed on the box,
but then like we can't find like FCC information on it.
Okay.
So the regulatory stuff looks like it's just made up.
Yeah.
Yeah.
And like, oh, we're certified in all these things, but not really.
Right.
Wow, that's crazy.
Like that's illegal.
Well, and so the average everyday person, it looks like anything else they might buy. It's got the regulatory
information. It tells me what the product is. It says who makes it. That seems highly
illegal. The government is not going to want you to put regulated or, you know, certifications
on there that aren't, especially for like some of the safe electronics out there.
Exactly. And make it safe for consumers. They're just putting it on there and not.
It's not actually vetted. They're just like, here you go. This is safe for consumers.
Okay.
It's ridiculous.
And it just stays ridiculous.
So, like, you know, just buckle up.
There's just so many glaring, like, red flags.
I would call them more, like, neon red flags, if that's even, like, a thing.
I'm just, again, at this point, this is, like, the end of 2024 at this point.
And I'm just like, does no one else see this?
Like, no one else sees this, really?
And so I get into 2025, and that's where it kind of, like, really started to take off.
So the bad box PSA comes out in June.
That was a huge deal.
Oh, yeah, I saw that announcement.
Let me pull it up for you.
It's titled Home Internet Connected Devices Facilitate Criminal Activity.
Here's what the FBI warning says.
The FBI is issuing a public service announcement to warn the public about cybercriminals
exploiting IoT devices.
Cybercriminals gain unauthorized access to home networks through compromised IoT devices,
such as TV streaming devices, digital projectors,
aftermarket vehicle infotainment systems, digital picture frames, and other products.
Most of the infected devices were manufactured in China.
Cybercriminals gain unauthorized access to home networks by either configuring the product
with malicious software prior to users purchasing or infecting the device with backdoors,
usually during the setup process.
Gosh, wow.
So the FBI put this warning out, but that wasn't enough for them to get banned off of Amazon,
Best Buy and Walmart Marketplaces.
And even with this FBI warning, it wasn't enough for D3ada55 to convince her father to get rid of it either.
He did at least unplug it.
Only when you're home.
Only when I'm home.
He plugs it back in when you leave.
It's just so frustrating.
So how do you convince, imagine it's my dad here or your dad here.
What do you say to them to say, don't not do this?
Because what matters to them, right?
Yeah.
So you have to bring it to their level.
Well, so what was interesting, I think what got through to my dad was when I said,
like if something goes wrong with this
and you know you're in a pretty high position at your company like
I mean people are reporting their bank accounts getting hacked
like do you care about your money do you care about your retirement
like again they're looking at your credentials
they're monitoring the network they're going to see when you're logging into
your bank and they're going to see when you're doing things that we might all
consider sensitive and if you don't want that to now become a negative
or get exploited or become a problem.
Like, you have to think about what you're bringing home on the network.
Okay, you said someone's bank account got wiped out for this thing?
Yeah, somebody reported on Reddit.
They're like, oh, they tried to hack her bank account, so put it on a guest network.
Not stop using it.
Just put it on a separate network.
Gosh, what are we even doing?
Imagine you had some roommate that tried to steal money from your bank account every time you
turned your back and was constantly spying on you.
You wouldn't just move them to the guest bedroom.
You'd throw them out of the house.
How is it that this thing can clearly be so dangerous, yet people still don't throw it in the trash?
It's because it's still proving value to them even after it's an apparently dangerous and harmful device to have in your home.
And this puts me in deep thought, actually, on how to fix this.
This isn't a one-off, it's an industry trend.
And it's not even just an industry trend in cybersecurity.
It's a bug in human beings.
We often ignore good advice.
Like, we all know you should take your health seriously,
eat healthy, work out five times a week, and get plenty of sleep.
Yeah, most of us don't do it.
It's not because we don't know better, we all know better.
And there's nothing you should value more in your life than your own life.
So it's not like there's something more important to focus on, yet we still don't take care of ourselves properly.
And this is what I think is a bug in human beings.
We know what the right thing to do is, yet we still don't do it.
And here's an example of this bug being exploited so perfectly.
Even when the super box rears its ugly head
and shows us how dangerous and harmful it is,
people still use it
because they like getting their TV shows.
To be clear, how do you feel about piracy?
I mean, I personally do not care.
That's you and your business between you and your ISP.
That has nothing to do with me.
That's not what you're out here saying is bad.
Yeah, it's the fact that, like,
to make it easier to have access to these things
because a lot of people do not have the technical know-how
to potentially participate in sailing the internet high seas safely.
This is a one-stop, easy pre-box shop.
Can we talk more about who you were seeing getting these things?
Yeah, so, you know, I had folks reporting to me
that they were getting them mailed to them, like, at their house.
I'm like, what?
And they work in oil and gas.
And they're like, I didn't order this.
So I'm like, yeah, definitely don't plug it in.
And so one of those got sent to me. Wow, how scary is that? To have one mysteriously
show up at your doorstep and you work in oil and gas? Man, this is a very serious and dangerous campaign.
I already said this thing should be burned with fire, but now I think you need to take a sledgehammer to it first and then burn it.
Of course, I'm seeing stuff on like social media, kind of all the different platforms, like, oh, my parents got gifted one.
My uncle was telling us about it.
Like, all the, again, it was lots of stuff like that.
I had a friend in Sacramento tell me that he saw, like, one of the single moms that, like, is known in the neighborhood.
Like, she had them.
And I'm like, that's so weird.
Like, again, if it's the gray money, I guess, and, you know, you want to make some extra cash on the side, like, it's a great business.
I mean, that's.
If we look back at, I think it was the
late 90s, early 2000s, we had a similar thing where you could buy the, some sort of
streaming box.
It was a cable box, but it was like a, like a black box or whatever.
Yeah, it was, you know, jailbroken.
And so you would get free cable.
And so this was, this wasn't sold by the moms in the neighborhood.
Right.
This wasn't sold by your uncle, maybe your uncle, but it was sold in the seedy parts of town.
Yeah, exactly.
Where you had to know someone who knew someone who knew someone, and then make a deal with
them to get your pirated, you know, your jailbroken cable box.
Yeah.
And that's what, that's what this, this doesn't smell the same.
This has a different scent to it because it's people who are, people who are selling it
are almost like hustlers in some way.
Yeah, exactly.
Where they got like six side businesses.
Exactly.
And they got a lot of free time.
It's like a weird, there's a weird profile overlap that I was noticing because at first
it was like real estate agents.
I'm like, okay, I could kind of see that.
then I'm seeing reports online where someone's like,
oh, my cable guy tried to sell me one.
I'm like, your cable guy, like,
who just installed your internet is trying to sell you one of these boxes.
Like, what?
And then, of course, there's the whole issue with just as you're, you know,
as we start looking at kind of like the whole thing,
I'm like, okay, well, now I'm starting to see like people,
like you said, like five, six businesses.
And they're not tech savvy people.
They're just like, oh, yeah, it just works.
I've been using mine for two years.
I don't have any problems, you know?
And they're usually the ones that will go into a lot of these social media posts
and they say anyone trying to say anything negative about it.
Like, they're ready to squash any negativity as soon as you try to post about it.
The marketing images of this thing are ridiculous.
There's one with the family sitting on a couch,
which looks like a stock photo, and the superbox is, like, oddly placed on the TV in front of them.
And the mother is smiling all happy with this thing, holding her daughter.
And again, to me, this thing looks like it's targeting suburban families.
There's a piece here that I don't think we talk
about enough in cybersecurity, and it's really truly like the cyber psychology of us as consumers,
of us as practitioners, of everyone, really. And so we don't have a culture of understanding,
again, like scams and stuff. Like we lose billions of dollars every year to pig butchering,
phishing, all kinds of get rich quick schemes. Like everybody wants to make a buck or everybody
thinks that, you know, oh, I'm going to, I'm no longer going to be a temporarily embarrassed
millionaire. Like, I'm going to be a millionaire now.
Or I get to watch TV and I don't see what the problem is.
Yeah. I want to, I was, at first I was going to push back and say, well, you know, we,
we assume that the stuff we buy has already been vetted and secure and all that stuff.
Or else it wouldn't be in the store. Because the store should have some sort of, you know,
responsibility. There's implied trust when you go to, like, Best Buy, right? Like, there's a reason
I'm not going to go, like, stand out here on the corner and say, like, hey, does anyone have, like, an iPhone
17, I can just buy real quick.
I'm going to go to Apple. I'm going to go directly to Best Buy.
And so again, as consumers, especially in the United States, like you said, we go to Best Buy,
we assume that what we're getting is okay.
Okay. Well, let me ask you this. Once the FBI warning came out, did all of the stuff
evaporate off Best Buy and Walmart?
Nope. It's still there. And part of the problem is because they have very unmonitored third-party
marketplaces. However, I did receive reports from other contacts that they had a parent
that was able to get one off the shelf at Best Buy.
What?
Which I was like, how did that even happen?
Because it's very hard to get things on the shelf at Best Buy.
But if there's this other kind of influence of like, hey, let me slide you some cash in this envelope,
like, secondarily, like put this on the shelf at Best Buy.
Like, I can absolutely see that happening.
If we just think about, like, you know, humanity.
So, I mean, I want to assume that it did get wiped off of all these online marketplaces.
But then it's a cat and mouse game.
And so it just comes right back.
And there is a different seller selling it.
And there's another person.
And maybe there's tens or dozens or hundreds of people trying to get it back onto Amazon.
And since Amazon has this sort of anybody can come on and sell something,
then it becomes very hard for Amazon to pop every mole on the head.
Like police it. Yeah.
Okay.
So you feel like that's what happened?
I think that's probably got a lot to do with it.
I mean, the third-party marketplace thing, you know, I still have questions about how Temu
came out of nowhere and got two Super Bowl commercials the first year of its existence.
But, yeah, like, looking at Amazon, like, I did look recently, and it's actually harder to find
them. So I think Amazon did make some changes. But, like, Walmart is still just, like, pages and pages and
pages. And again, I mean, they get a lot of money out of having all these sellers on their
marketplaces, but they're selling something that's kind of dangerous.
Gosh, this device is so insidious. And the way it's wriggling into our homes across the nation.
We humans are vulnerable to scams and manipulation.
And this seems to be the perfect thing to exploit that.
Americans are sick of paying for 20 different streaming services.
Like if you pay for Netflix, Disney Plus, Amazon Prime, and HBO Max,
you still don't get any news channels.
It's so fractured and crazy.
I just remember this YouTube video by videogamedunkey,
who has a guide on how to watch all the seasons of Pokemon.
Here, take a listen.
For Pokemon, there is a website that takes a website
that tells you how to watch this.
You start off on Netflix,
then swap over to the Pokemon streaming service,
which is the only place that has Season 2,
then swap over to Prime Video for seasons 3 through 5.
Swap to Freevee, then Hoopla.
Season 13 is only on Amazon, though.
Then swap to Tubi, then Hulu, then Roku channel.
And then finally, back to the Pokemon streaming
and then Netflix, easy.
What are these streaming services doing?
It's like the more they battle, the more we lose.
Like Disney bought Marvel in 2009
for $4 billion, but even Disney Plus doesn't have the rights to play all the Spider-Man movies?
What's happening?
So this Superbox hit us right where our pain point is when it comes to watching TV and movies.
It solves so many problems.
People don't want to pirate, but when it's so painful and so complicated to find the shows you want to watch,
then they just migrate to a simpler way to watch the shows.
It's not even less expensive since they're paying $300 or $400 for one of these boxes,
which just has all the shows they want to watch.
I'm sure they'd be happy paying a monthly fee
if it was for a streaming service
which gave them what they wanted.
But piracy is on the rise
because of how complicated and frustrating streaming services are today.
And when it's a thousand times easier to pirate a movie
than it is to research where things are streamed,
only to create an account there,
only to find that they're no longer streaming it there,
then people are going to give up and just pirate.
Honestly, I blame the streaming services
for this explosion
of piracy that we're currently seeing,
they need to start treating their users with more respect,
and we'd all be much happier for it.
Like, I had been hyper-focused on the Superbox,
but then I saw some of the same characteristics
of a bunch of sellers and folks on social media
talking about the VC box.
So again, another one that's like still something-something box,
but a lot of the same stuff,
oh, we've got this playback feature.
Like, you get all the channels.
I'm like, this sounds familiar.
And so I start digging
into the VC box, and so I buy one of these.
And this thing looks equally as strange.
It was another weird Reddit post too.
Reddit was, like, weird and, like, got me all these breadcrumbs, by the way,
because people just tell on themselves in, like, Reddit piracy, by the way.
But this particular post stuck out to me because they're like, oh, yeah, there's no Chinese here.
I got this new box, and it still gives you all the channels, and it's better than the super box.
Does it say no Chinese here?
It literally says that's the first thing it says.
Like, they started the post like that.
I'm like, what?
Like, why?
Who? No, and in the thread, no one said anything about China.
Like, that's the thing that was weird.
I was like, why are you telling on yourself?
And so I read this post.
This person in particular was like, no, everything was great.
My seller was awesome.
Everything's responsive.
It's the best ever.
You should get the VC box now.
And I'm like, why is there another one?
And so they look like almost competing companies.
So I buy one.
And it's also beaconing straight to, like, China via Tencent infrastructure.
I'm like, I'm not crazy, right?
So I put them all in the same network together and they all start talking to each other.
Really?
Yeah.
I was like, oh, no.
Are you guys sentient?
I'm scared.
So, again, I continue to dig.
I continue to dig.
I'm looking, again, actually getting access to, I was using Censys at this point because I started at Censys in the beginning of 2025.
What is their tool?
Their internet intelligence, internet scanning.
Like Shodan for grownups.
Oh, okay.
Got to do the job.
Yeah.
So as I, again, it just continues kind of to get weird.
I'm now tracking the different marketing campaigns.
I'm tracking, you know, when new models come out.
And so when I started, the Superbox S5 was the model that was available.
And now they're up to the seven.
So they're still just releasing with new versions.
Wow.
I'm like, wow, this one has USB-C on.
Look at them go.
Like, so yeah, so again, it's just kind of continued.
I got to the kind of towards the end of 2025.
And I start seeing more posts about like suspicious activity blocked from users on Reddit.
Getting, you know, messages about, oh, my ISP says that I'm visiting malicious IPs and things like that.
So I'm like, okay, so maybe like there's some traction picking up
here because now they're starting to be signals that folks are starting to pick up on this,
folks are starting to notice this and make those changes with regard to like our own infrastructure.
So I'm still looking and in the beginning, in the beginning of last year, I found a third
box called the MAGA box.
Manga.
Maga.
Oh, MAGA.
Like MAGA.
Oh, my gosh.
And that actually finally, I got the answer I was looking for just this week from an interesting
Verge article I'll talk about here in a second.
But that one, of course, stuck out
to me because I'm like, well, who could they possibly
be trying to
advertise to?
And I was just like, wow,
like it was so blatant and it
looked just like the Superbox.
That's what got me. I'm like,
why does it look like the Superbox?
Like, I don't understand.
So, again, there's
so many weird things. I'm like,
I, why is this still happening?
Like, just a lot of like, why this?
And did you get one of the manga boxes?
I did. I think it like, I don't know if they killed it or what, because I hooked it back up recently to kind of put back into my little baby botnet that I'm running at the house and it wasn't getting updates or anything.
So something else may be going wrong with that or they've just kind of shifted focus back to the other ones.
But yeah, I ran it for a little bit.
Kind of the same thing.
Had a weird little, you know, get the little app store, get the little video app, watch your TV shows.
Here's your local listings of channels.
They have like, you know, all the different like, you know, fandoms and things that you can get access to, but it worked like the other two.
Things come with remotes?
They come with remotes.
And anything interesting in the remote?
They have self-signed certificates for some reason.
They, of course, have microphones.
But, like, again, they have open ports on them as remotes.
So I can, if I'm looking for super boxes on the internet, I can actually see the ports, but it's the remote.
So I still have some mysteries I'm trying to solve there,
but I did see it had a long antenna.
And I'm like, why is that antenna so long?
If it's just like an infrared remote.
Yeah, okay, so infrared wouldn't even need an antenna.
Exactly.
So did you find any, like, do you know what protocols it can handle?
I mean, I know it's Bluetooth.
My tinfoil hat moment is cellular, but I haven't confirmed that yet.
I'm talking to some cellular nerds to see if we can have a way to figure that out.
But again, it's very strange because with most of the Android boxes I found,
I bought like some cheap ones and they just had like a generic like Android TV remote.
Okay.
The remotes are specific to the super box that it comes with or the VC box that it comes with.
Like you have to use the remote they give you.
And even if you go on say like Amazon Best Buy and you look for say like Superbox remote,
it's a specific remote that you can only use with those boxes.
It doesn't work with other Android boxes, which is also weird.
God, this thing just gets worse and worse.
It's like a never-ending nightmare.
The remote has a microphone.
At this point, I'm certain that that thing must always be on and is listening
and maybe even using AI to parse out what's being said in the privacy of our living
rooms and bedrooms and sending those conversations to who knows where,
which the living room is probably the place where you make private phone calls and stuff.
Holy cow.
And it interacts with the super box using infrared,
so why in the world is there even a Bluetooth antenna on it at all?
Look, let me tell you,
a lot of us are walking Bluetooth signals.
The Bluetooth that's on our phone is always looking to see what it can connect to.
And you might have a Bluetooth smartwatch or earbuds,
and I've seen pacemakers and hearing aids with Bluetooth,
and all this can make quite a fingerprint that's unique to you.
I mean, have you ever gone to add a new Bluetooth device
and you see things like Diane's earbuds or Bill's Fitness Tracker?
I imagine that this thing is taking notes of what Bluetooth devices come near it so we can tell who's nearby.
And as a side note, to improve my home defense strategy, I recently got a Bluetooth antenna,
which is just scanning for what Bluetooth devices are near my home, and it records it.
My theory is that if someone ever breaks into my home, I'll pull up the logs to see what
Bluetooth devices were in range at that point and try to see if they ever visited before to try to figure out who it was.
There is a lot of data you can get from sniffing Bluetooth
signals. So if this remote has a Bluetooth antenna, a long one at that, and is quite the
malicious little box, I can only take guesses as to what it's doing with that antenna. And keep
in mind, it doesn't use Bluetooth as a feature. You can't connect to it that way, and it doesn't
try to connect to Bluetooth speakers or anything. The Bluetooth antenna is covertly installed on it
and is not user accessible.
And then we get to kind of fall 2025. I see you at BSides Portland.
I did go to BSides in Portland, a hacker conference. And at that point,
she's given talks about this box about a half dozen times. But because there's a federal investigation
going on, she has strict rules, no cameras, no mics, no recording, no pictures. It's a very hush-hush
kind of talk that she gives. But it was one of my favorite talks I've ever seen. And the crowd
was stunned. For two hours after the talk, she had a mob of people around her, just asking more
questions about what she found, and they were giving her information. I even stood there,
perplexed by this whole thing, listening to everyone ask her questions for hours. Everyone thought
it was such a fascinating little box. And at this point, this is probably the third or fourth time
I've seen her give a talk on this, and it just gets better every single time because there's just
more to the story. And every time I would tell her, listen, when you're ready, let's please make
an episode. But she was very hesitant, mostly because there's an active investigation. And if she
exposes them in a big way. It might ruin the ability to collect more evidence. But at the same time,
the story was burning in her. She wanted to get the word out as a warning to everyone and their parents:
don't buy these things. But she felt worried about it. So she told me, no, not yet, but soon.
And then Mr. Krebs reached out to me not too long after that. And he was asking about the Superbox.
And so he wrote a really good article that basically broke down kind of the interconnection between the superboxes and the residential proxy networks.
And, you know, I didn't think that the super box finding was going to be anything major.
I was just kind of like, hey, I wanted to share and come to find out that like all of the residential proxy stuff and the botnet stuff and all that stuff that we're seeing in the news, a lot of that were breakthroughs because of what we all discovered looking at streaming devices.
Like we hadn't considered them a true vector until recently.
So when she says Mr. Krebs, she's talking about Brian Krebs, the journalist behind Krebs on Security.
How'd you feel about that article?
You know what? I thought, I mean, I didn't say anything factually incorrect in the article, so there was that.
No, I think it was a good article because I think that was kind of another big push to kind of just show awareness.
Some awesome folks also got quoted in that article, folks from Spur and things like that who also specialize in like proxy networks and stuff like that.
that's what they hunt. And so it was really cool to kind of see this amalgamation of all the different
little pieces that all of us were looking at and then kind of seeing the full picture and having it
explained in an approachable way. Because when you're sitting here listening to me talking about this,
you're like, oh my God, this is so much stuff. I'm like, I know. But there's like a lot of this
other stuff that kind of builds up to sort of these major events that we've had happen in the last 60 days,
just, you know, beginning of 2026 and end of 2025. So the Krebs article comes out. And then I get
phished, or at least someone tried to phish me.
Because when Mr. Krebs published that article, another IoT researcher got a super box and
started finding some cool stuff.
And there was a posting of the store itself, like the repo they were using was just
kind of out there.
When it started to get bigger on YouTube, because of Matt Brown's work, all of a sudden,
the store's not there.
It's not, you can't find the repo anymore.
Then I get this email saying, hey, do you have like, you know, the app store dumps?
Do you have some TCP dump?
And I'm like, first of all, that's a very personal question.
Like, you don't just, you know, start off asking for people's TCP dump logs.
Like, come on.
But I'm like, holy crap.
And it's, of course, coming from a Proton Mail.
They said they were a computer science student, but they're not emailing me from an academic email.
And they emailed me at my academic email where I adjunct that I don't put out anywhere.
And I was like, how the hell did you get this?
Number one.
Number two, wow.
Like, that was a hard nudge trying to kind of sniff around and see what was going on.
So, of course, I didn't answer.
I was just like, nope.
And then I got a LinkedIn phishing message, too, asking you about, we want to see your Superbox research.
We work at, uh, ISP.
I'm like, that's the tell.
Like, there's certain things that give away these folks.
And so obviously the stuff that I've been working on and looking at,
like, this is making somebody a lot of money. So I'm sure they're, they don't want me
going around telling people not to buy the super box. But here's me just blanket saying, don't buy
the super box. Um, and so a lot of interesting points have been kind of, uh, interested in kind of
what I've been finding and where, where I got. So after that happened, I got DDoSed at my house.
What?
That was wild.
Externally, coming from the internet to you?
Yeah.
How in the world would anybody know your IP?
Well, I don't think, I think in the very, very beginning, and I've changed
ISPs too, which I thought was kind of hilarious that I still got hit. But again, depending on
who's behind it, I mean, they probably have more resources than I do. So they, I mean, if they
really wanted to know, they can probably find out. But yeah, I got nailed, like, pretty bad.
How long? What did it last?
I think it was like 15 minutes. Like, we couldn't, like, nothing would play. Nothing would stream.
I was actually on a Signal voice call with like a friend, and it was like all choppy, like, more so than usual, because Signal voice can be like hit or miss anyway.
But it was like really bad.
I'm like, holy crap.
Like, I can't even talk to you.
And did you look at the Palo Alto and it was telling you?
Oh, yeah.
It was just like just over, over, over.
Like it was like three pages worth of just this one IP.
I looked it up.
It was in like Ireland.
I'm like, okay, well, that's not.
It was in Cloudflare.
I'm like, okay, well, I don't know who the hell did it right now.
But yeah, I was more upset that,
like, you know, my husband was watching Spaceballs and like that totally got paused because of
this DDoS attack. So yeah, I was like, wow, I made a new friend. I got DDoS to the help.
So this brings us into January of 26. And around then, we saw the largest botnet DDoS attack
ever. It was the Kimwolf botnet. And it was launching attacks at 31 terabits per second.
It basically had control of two million devices and can tell
them all to send traffic to a specific IP on the internet, which would basically flood any computer
with so much traffic that it would knock it offline.
And you think the Superboxes were part of that botnet?
They were confirmed as part of that botnet.
But here's the thing.
From my understanding, it wasn't the makers of Superbox who were involved at all in this botnet.
These things shipped with a really old version of Android and are loaded with all kinds
of remote access features like TeamViewer, Netcat and stuff.
So the person behind the Kimwolf botnet simply found how vulnerable these superboxes were and spread their botnet onto a ton of them.
So now this guy, Dort, who's the one who made the Kimwolf botnet, controls the superboxes.
I mean, if I wasn't already extremely concerned about who's in these superboxes listening,
now there's Dort in there too, and who knows what he's doing with these things,
turning them into weapons, I guess.
And if Dort can get into any superbox that's on the Internet,
then does that mean anyone else can get into these things too?
Like, are there a dozen spies in these things listening to us,
seeing what we're doing on our microphones and stuff and poking around on our networks.
Gosh, I was telling someone about this the other day,
and their first instinct is that the CIA must be in there listening too.
And you know what, at this point, I don't doubt it.
The fact that these superboxes are getting infected with more malware by random people on the internet
just makes it so much worse.
So at this point, it doesn't even matter if China's behind this,
because pretty much anyone can take these things over and eavesdrop on us,
or use the device to attack someone else with.
This thing is radioactive, and it should be smashed, burned, and yeeted into space.
Cloudflare, you know, put out a report that talks about kind of the DDoS statistics for the year for 2025.
And they said that the Aisuru-Kimwolf botnet was the busiest.
And they mitigated, I think it was, I think of the number was crazy.
Like over 2,000 attacks they mitigated originating from this botnet.
I'm like, wow.
So it's been busy.
Basically, the Kimwolf botnet is a DDoS-as-a-service business.
You can pay them money.
And then they'll aim this botnet wherever you want, the target of your choice, and it'll take down whatever you tell them to.
So it's purely profit-driven for whoever's behind it.
Did this box try to communicate with other devices on the network?
Yeah.
Internally?
Yeah.
So I had my two little sacrificial Raspberry Pis, as I call them.
I was like, well, once you've touched this network, you can never go back anywhere else.
So thank you, my little lambs.
And so the Raspberry Pis sit there on the network.
And I, you know, I didn't even name them anything interesting.
But I'm looking, I've got tcpdump running on them, and the boxes are just going freaking crazy.
Like all of them are just actively trying to like poke at it.
I'm watching scanning.
I'm like, are you guys Nmapping this like little Raspberry Pi in here?
Like, what the hell?
Again, they're doing that discovery when they get on a network to see what's on the network.
Yeah.
So if you're working, say, from home and maybe you're in a position of trust, you're in some type of like important position or you have like, you know, privileged credentials, things like that, you have this thing sitting on your network and don't know, like, what it's potentially doing, it could be sniffing creds every time you log into work. It could be discovering your work device on your home network because a lot of folks don't have any segmentation on their home networks. I mean, you know, the possibilities really are endless if we think about it as just like an attack tool.
I did get a report from someone that there was one at a remote employee's house that was actively trying to poke stuff on their corporate network.
Okay, so try to figure, do they have a VPN between their home and corporate network?
Uh-huh.
Gosh, this thing is bad.
I still cannot get over how it scans your house,
attacks the devices on your network,
knocks them offline, and impersonates them.
Ah, this is such a nightmare.
It's like a perfect Trojan horse,
like in the traditional sense.
Like, if we go back to the original story,
here's this big present,
and we're going to hide inside.
Here's this device that lets you get all the channels
and somebody is going to hide inside.
Okay, fair.
It solves a ton of problems for people, and that's the big reason why they want to get it. But my gosh, at this point, the veil is lifted. We can see the spies are inside of it, and I'm glad that word is out now, right?
And that means that there's enough information that everyone should be extremely careful and not buy these things, and it should be clear that nobody should get this thing because it's just pure evil, right?
Earlier this week, an article comes out on The Verge. And I'm like, oh, The Verge. And it's talking about the Superbox and the vSeeBox.
And basically, and you know, I'm a big wrestling fan.
So, you know, we call it getting over or putting someone else over.
It's basically trying to put over the super box and say like, oh, well, like, you know,
there's people at the farmer's market selling these.
And, you know, they've also got like some goat cheese and stuff.
So they're just trying to make it.
And like, this guy was a retired cop in upstate New York.
And now he's trying to help, you know, his church get access to quality television.
And I'm reading this like, this is literal propaganda.
Like, oh my goodness.
Like, this is, this is what they mean when they say, like, it's going to be plain as day in your face and you're not going to understand that. Like, again, an average everyday person is going to read that and be like, oh, well, these people don't care. Like, in the article, like, it verbatim said, like, oh, I don't care about sending a couple thousand dollars a month to China every month because I, you know, I'm helping people get affordable TV. Sorry, I had to pick my jaw up off the floor.
What? This Verge article is titled "Everyone Is Stealing TV."
And yeah, it simply talks about how so many Americans are selling and using these things,
like they interviewed Jason and Natalie and James and Eva,
all who are happy superbox users and resellers.
The quote from Eva is,
I've been on a crusade to try to convert everyone.
I'm completely flabbergasted by this article.
Like, what are we even doing?
I mean, let me read one part to you.
They interviewed this guy, Jason, who earns a commission for every superbox he sells.
After signing him up as a reseller, Jason's Superbox contact also recruited him for a unique side gig.
Whenever Jason finds a Superbox advertised for less than the company's suggested retail price,
he buys it and sells it back to the company for a premium.
He says that the Superbox maker then checks the device's MAC address
against a list of past sales and remotely deactivates all boxes it sold to the reseller
who openly advertise the unauthorized discount.
Offending sellers are then asked to pay a fine, Jason says.
Consumers who happen to buy a box for the wrong price find it locked,
with an on-screen warning telling them to contact their service provider.
To alleviate the concerns of would-be buyers fearful of getting scammed,
device makers maintain online verification tools.
Each reseller gets a certificate with a unique code.
Enter that code into a web form,
and the company will tell you if the reseller in question is in good standing.
Oh, thanks, Verge, for squashing my concerns about being scammed by someone selling me a cheap superbox.
I feel much better now that you told me that there's an online verification tool
to check whether this seller is legit or not.
This article, in my opinion, is all hype for this thing.
It doesn't raise any of the red flags that I see on it.
I simply cannot believe the Verge posted this article.
This is ridiculous.
I am officially nominating this article for a Pwnie Award.
Then yesterday, there was like, I think,
I think it was called like the Tech Brew Ride Home or something like that.
At the end of the episode from yesterday, he spends about five minutes and he's basically,
it sounds like he's reading The Verge article.
And I'm like, no, like, don't repeat it.
Like, we're already, again, they're already trying to discredit any of the research that any of us
have done on this to basically prove that like this isn't something you should be getting.
And what cracked me up is in the article that said, well, it's not like you can get these
at Walmart and Best Buy because everyone knows it's illegal to have pirate devices at the store.
And I'm like, no shit.
But they're at Walmart and Best Buy.
And I don't think you understand how crazy it is to have an influencer marketing campaign
working against us here.
You're not buying these things from some shady guy in a dark alley who you know is 100%
illegal and is probably scamming you.
You're buying it from a soccer mom, a guy with a stand at the farmer's market,
your church friend, family members, gym buddies, coworkers.
And when it comes into your life in this way,
it doesn't feel illegal.
It doesn't seem shady.
It feels like you're clever and smart
to get such a cool gadget.
I remember kind of the old adage,
like you know, back in the 90s, early aughts,
like especially all of us who've been on the internet a long time
and those who were like in high school and stuff like that
when in the early days of the internet,
you know, you felt like you could spot a scam from a mile away
because the skill wasn't there.
But this is sophisticated.
Like, again, they're hitting it from a few different angles, they're making sure that they have people ready to counter any negative, like, press or posts or anything like that. They're making sure, like we've said, to tap into the economic anxiety. Like, it's crazy. I'm like, wow, they've put so much time into this.
But then you think about where these things end up. I mean, you know, you know, people that work weird shifts, or maybe they work in, like, you know, some kind of weird office. It's boring at night. Maybe they're on graves. Oh, I want to watch the UFC fight, let me bring my super box. And then that thing just gets busy devouring all the computers at work.
Or it's brought to a hotel to watch TV on the go. Or maybe the coffee shop owner installed one so they
could play shows on the TVs in the shop. And now when you get on the Wi-Fi in that shop,
suddenly you're on the same network as a computer that's probing and scanning you and attacking you.
This is why I never use Wi-Fi in a coffee shop or a public place. I just picture it riddled with these
diseased, infected boxes that are desperately trying to get access to my machine the moment it connects.
I bring my own Wi-Fi hotspot with me everywhere I go, so I only trust my own network.
The funniest thing I think that has happened so far was being out at a fa restaurant,
and, you know, I'm looking around because someone had just told me they were at a fall restaurant
and saw three of them in there.
So now I go into places that I'm looking and making sure there's not, like, a super box behind the TV and stuff like that, because even if it's not doing anything else, just the fact that anything you connect to it, it wants to know about it, and it's going to start poking at it, to me is scary.
Like, if I connect my phone, like, and what made me upset about this whole situation with my dad is like, I went over there and didn't know he had these and had connected, like, my work computer at the time and, like, my phone and stuff to the home network because I was visiting for a couple days.
And I'm like, you have these things in the house. These have been plugged in the whole time. Like, you, what?
And so it exposes all of us in a lot of ways that we may not want to be exposed. And, you know, I'm not doing anything shady, but, like, I want my privacy.
And I saw you are bringing a Faraday bag with you everywhere you go.
Is this why?
I mean, it could have something to do with it, for sure,
but also just trying to be more cognizant of my own,
like, personal security hygiene.
Because I think for a lot of us that have been doing this for a while,
there's always going to be places where we're just like,
I don't just, I just don't care that much.
Because we already, we're already in it so much all the time.
but I spent some time kind of reflecting on, you know, I was out traveling.
And I think I got popped with something because my phone was acting crazy and all this other stuff.
So I blew away everything in the house, reimaged everything.
Everything's fine now.
But I'm like, I'm just going to take some extra steps just to make sure.
Because I usually, you know, I always have VPNs on and stuff like that.
But, you know, a VPN can only do so much as somebody's really interested in what you've got going on on the other side of that.
So, yeah, I will just encourage everyone to just keep practicing basic security hygiene because the moment we get complacent, that's usually when we get gone.
Okay, that's it.
I'm taking Deadass's cue here.
If she always keeps her phone in a Faraday bag, I think I have to do that now, too.
A Faraday bag is one that just doesn't let wireless signals pass in and out of it.
Think of it like the door of your microwave, which blocks it so your microwave doesn't
cook the whole kitchen.
Because who knows what coffee shops and restaurants have these things in them and are scanning
my phone, even if I'm not connected to the Wi-Fi.
Like, what's with the Bluetooth and other antennas on this thing?
It's proven to be so malicious that I don't trust it for a second.
I don't even want to be in range of this thing.
Let's put all the pieces together.
Yeah.
And where do you land on this?
Okay.
So the whole picture is somebody, and I'm going to be vague on purpose,
because I am still working to get the full picture of the somebody.
Somebody is basically getting influencers, of course, to show these.
There's an entire distribution network of distributors and resellers.
So they're getting folks, you know, in their neighborhoods and in their community and all these places to sell these boxes to friends, family, everybody, as much as they can,
which, again, already weird.
They've already infiltrated all the big box stores.
So again, it's now looks like this normal every day has been around for nine years consumer product.
We still, of course, have the whole issue with them targeting people directly in oil and gas,
which that's still, to me, I'm like, this got mailed to you at your house, friend?
Like, are you going to move?
Like, I just, you know, I'm worried for you.
And then we still, of course, just have the endless problem of, like, there's no, like, legitimate, like, regulatory tracking on it.
They're dark.
There's no FCC IDs.
Like, you can't find really any information on these things.
The one that we did find information on, you know, when you're importing something and it's coming from overseas, you have to sign off on it and say that, like, you know, it's, everything's correct.
Like, it's labeled.
It's got the FCC ID, things like that, and it had a signed one, but the name did not, it was a QQ email that signed it.
And I'm like, so the U.S. agent has a QQ.com email signing off on this device that it has all the regulatory information and the things it's supposed to have when it, when it doesn't.
That's not, that's not legit.
Yeah.
So it's kind of like, they've got us like on the MLM thing too.
Like, I don't know what it is about America and we love our MLMs, man.
Like there's been like, you know, Amway and all the, you know, there was even like a power one.
So this is just like a new MLM.
It's just streaming box MLM, it seems like.
Yeah.
And I think they're hitting us in such a unique way because they know we're frustrated with the rising cost of cable and all the different streaming services are branching off into their own.
So now you have to have 10 different streaming subscriptions and people are sick of this.
So they're just like, we got the solution for you.
It's perfect.
You get all the channels.
And we don't care about breaking the law.
Exactly.
Yeah, so someone is doing this.
Do you have an idea who might be behind this?
I mean, given everything that's going on geopolitically,
like, of course, everyone was kind of just like, you know, hands up like China.
Like, it just seems like it's obvious, right, at this point,
because why else would it be beaconing straight into Tencent?
The other thing, too, is that as I've kind of been, like,
looking at this and everything else,
the devices themselves, like, they've got a whole, like,
manufacturing arm that has to be, again, China's gotten the manufacturing thing down.
Like, we're all sitting around with iPhones and all these other things like China makes our stuff.
So they've gotten really good at how to fabricate this stuff. And so it actually looks nice.
Like it looks like it's good quality to make it look even more credible for the price that people are paying.
And if we think about, like you said, everyone's stressed out for money.
Everybody always wants a quick fix. We are such suckers for get rich quick schemes.
and things like that, and that is like peak multi-level marketing.
The distributors get a cut from the resellers.
The resellers get a cut from the boxes.
And then if you get friends to also help you resell, you get more of a cut of their boxes.
So, like, it's a perfect MLM.
So they're hitting us from the things that are built into our culture, TV, multi-level
marketing, get rich quick.
They're building into our economic anxiety.
They're building into our complacency with just accepting things that, even if, you know, we don't know that much about it, it's like, oh, well, we get all our stuff from Walmart or all our stuff from Best Buy.
Yeah, social proof.
Yeah. So they're hitting us from a few different angles just psychologically, like not even from a technical perspective. Like the tactics and everything that the box are using, those are like table stakes. Like you expect reconnaissance. You expect some of these other things. You don't expect an influencer network that's trying to get these out there. You don't expect there to be marketing. Because if you look at some of the other devices, like there might be one or two videos here and there, like, maybe talking about like an NVIDIA Shield as an example.
But this thing has, like, a whole campaign, websites and everything else.
I'm like, who is doing?
Like, you set up a whole brand just to sell these things.
Like, this is insane.
And so, yeah, all that to say, like, we're now at this point where I'm like, okay, well,
we have to make a decision, I guess, as like a nation.
Do we want cheap, easy cable, or do we want to continue to have basically backdoors plugged into all of our networks?
Okay, so if it is China, even the Chinese government,
it's crazy to think that the Chinese government would be behind this,
but it sounds like it may be.
They have that unified front as far as integrating everything with the military.
Sure.
So if the Chinese government is trying to get into Americans' homes
in order to gain more access into them and visibility and all that sort of things,
it doesn't seem like we'd be their first target.
So I'm just wondering if there is a,
if we've seen this activity in other countries,
these kind of boxes show up in other countries.
Yeah, that was kind of interesting
because I kind of like immediately,
you know, when I first started looking at it,
of course I wanted to see if there was anything else
that had been reported.
There was a researcher.
I'm spacing on his name right now.
But he had done a write-up on the malware
that was in the T-95 box.
So that kind of got me already thinking like,
okay, so we have seen behavior similar to this before.
I did look in like other countries and stuff,
and like China had already cracked down on these types of device.
I think like New Zealand had already cracked down on these types of devices.
So it seems like this had already been like a similar problem,
but apparently there was also a similar campaign in Taiwan.
About 10-ish years ago, it was all centered around illegal piracy of sports.
And so it was the same idea, though,
they have these streaming boxes that were convenient,
and you could get all the sports channels,
and they were all over Taiwan.
And then they got busted,
and then they weren't all over Taiwan anymore,
but that could have been a test bed to then see,
okay, well, how do we make it work here?
Hmm.
So how does a country bust them so that it's no longer valid in that country or whatever?
Like, what's even the approach to stop something like this?
I mean, they, of course, were like, you got to pull them off the shelves, they're banned, like they can't be imported, you know, those big kid controls, as I like to call them.
I don't know how long it's going to take to even see that here.
We did just finally get some stuff taken off the shelf that, again, we all had concerns about China.
We all had concerns about, like, you know, what are these devices actually doing?
But it was like years after the fact when it was already a problem.
Yeah.
I mean, even if you did get it banned from Walmart and Amazon and Best Buy, you still have the soccer mom down the road slinging them and your electrician's coming over and saying,
I got some extra stuff for you if you want to buy these things.
Man, yeah.
So it would be really hard to put the genie back in the bottle at this point.
So that's one prong.
And then maybe another prong is getting ISPs to do something and say,
hey, this is illegal streaming.
So we don't allow that here.
Yeah.
And the ISPs have been really good about this.
I actually got word from a friend who works on an ISP.
And he says that a lot of users are reporting that their allocated bandwidth
is getting maxed out super early in their billing cycle.
And they're like, I'm not online that much,
yet it says I've uploaded 360 gigabytes of data.
Clearly, you have a faulty meter.
So the ISP technicians go out to the house and investigate,
and they can't find an issue,
so they swap out their ISP devices
and reset their bandwidth usage.
But then the problem persists.
Next month, the customers call back,
saying, it shows that I've uploaded so much data
that my ISP is now throttling me.
One customer was even seen uploading 4,000 gigabytes in a single day.
So the ISP asks the customers,
by chance you have a super box,
and many of them say, yeah, I do. Why?
Well, it's because those things are sending enormous amounts of data to the internet.
But what is it sending?
Sure, it's part of a botnet, so it's attacking other devices by sending floods of data,
but also it just might be exfiltrating tons of data that it's collecting in that home network,
voice logs, network data, photos, files, anything that it might find valuable.
It just sucks it up and sends it off.
I mean, if a device is sending terabytes of data a day or a month,
then the question isn't what is it uploading?
It's more like what isn't it uploading.
So yeah, ISPs are getting hit in the face with these boxes too
and are unsure how to effectively handle them.
I think the telecom and ISP networks understand, I think, their vulnerabilities a little bit better.
They're like, okay, yeah, we actually have to look at
what is going on in home networks because we are no longer at the point where we can just pretend,
oh, well, it's consumer. That doesn't impact me. We're all in it now. Like there's no,
we can't, like you said, we can't put the genie back in the bottle. So they've been pretty good about
trying to, of course, sinkhole traffic. So ISPs can, of course, see downstream. But we have to
kind of think about, like, are we prepared to be a country where we are now policing what's going
on on home networks. And obviously, like, that would be problematic for a lot of people.
I think that's going too far.
Right. No, exactly. Like, I think, and I don't think we should have to do that.
This might be the one time that I want Disney to get litigious. Yeah, right? Because why hasn't
Disney figured out, hey, they're streaming this pirity. And because I know that they've always
been really inside this. The mouse is always like ready to strike when it comes to that stuff. I'm actually
really surprised that it hasn't been like one of these bigger like media companies like actually
striking back.
I mean, Google sued the BadBox operators.
Okay.
And there was a bunch of like DMCA, like, kind of notices and stuff like that, but it's still going.
So is that going to actually do what we want it to do?
I don't know.
Like, we still, you know, so much has happened in the last couple of weeks that, like, it's going to be a busy year in 2026.
That's all I can really say.
Like, it's, there's so much more that's going to come from this.
I guarantee it.
Yeah.
And it seems like so easy for it to just be eliminated since it is illegal.
And that's the thing I'm just surprised.
I've been stuck on that, honestly.
Like, to me, I'm just like, this is the most blatant example of this.
And like, y'all are out here sending like these, you know, ISP letters to like a single mom because she wanted to like download Shrek 2 for, like, her kids.
But like we're not doing anything about this entire network of bootleg streaming.
That's what's so surprising is the, is the pushback on piracy all these years and how terrible it's been to torrent things and how people are, yeah.
Yeah, we're all evil trash for...
Apparently, that's not a problem anymore.
Or they haven't got the memo.
That's what's surprising about it.
Yeah.
And so that's what I think is going to unravel this year.
It's no longer unknown.
And it's like, okay, this is clearly...
Because if it is allowed, then why don't we just make a legit one?
A legit one.
Not a legit one, but a non-malicious one.
Like, we could have a whole new business model.
I'm like, and again, I'm surprised someone just hasn't, right?
Like, I won't be surprised when somebody's like, hey, I'm ethical and I'm going to help you get all the channels like,
well, like, here comes everyone else's money because we don't want implant devices.
But again, there's just a lot all going on at the same time.
Like, obviously, like when we think about the whole geopolitical picture. There's a lot of different moving pieces. We've seen a lot of stuff overseas
internationally. And so I still am trying to understand how this might even be a part of that.
So I will be digging more this year. That's for sure. Oh, yeah. I mean, I hope that the update,
whatever comes next, isn't these bad boxes destroyed America. Yeah. Oh, my God.
It is. You're right. They said, if you're putting in, this is a prepositioning move, what is
their final intent and maybe we don't know yet.
And that's what I, yeah, that's the part that I'm still kind of scratching my head about.
Like, it's just, it's the why.
I mean, I'm like, yeah, I guess like maybe the ad fraud, maybe it's the, you know,
residential proxy business they're running.
Maybe it's just the botnet.
But like, there's so many other ways to do all of that.
That's not stand up a whole brand and then market these boxes to people so they buy them.
Yeah.
I predict that we haven't seen the full wrath of what these things are capable of yet.
It's possible that all this is just some prepositioning move of some kind.
And whoever's behind this is trying to get blue-collar workers to give them access into U.S. corporations.
And then what?
If someone gets a hold of our critical infrastructure in a large-scale way, it's like having a chokehold on us.
They could do whatever they want.
So the potential damage these things could do could feasibly be in the realm of nation-toppling. Does that make me crazy to say that? This is the very reason why I don't like getting into
politics. Politics is designed to confuse you and to keep you from getting to the truth so you can
never be sure of what's actually happening. But even when you get a glimpse of the truth, you then
sound like a lunatic when you start telling other people. Because if I ever see one of these things
plugged in anywhere, I'm going to immediately unplug it and try smashing it to bits. And I can only
imagine the owner of it yelling at me, hey, what are you doing, man? And I'd be like, don't you know this
thing is evil, and if we don't stop it, it might be the end of our nation.
I feel like a lunatic just thinking that scenario through.
But maybe this is the new world that I just need to get used to.
Because even if we all team up to get these things smashed and burned and yeeted once
and for all, there's just going to be another thing that pops up.
A 3D printer with spyware, a drone with spyware, a projector with spyware, a router,
a computer, or even a car.
Because if these things are cheaper or better than the competition,
or if they just have a better marketing campaign by paying influencers to spread it,
then this battle to discover it and eradicate it is just going to start all over again.
And I'm not sure it's possible to fix this.
And that's what makes it so scary.
The whole goal of information security is to conduct business in a hostile environment.
Like, for instance, when you do anything online, you're traveling through a bunch of networks that you have no idea who owns them. So you have to operate in a zero-trust kind of way by encrypting your connections
so that they can't snoop on you and doing things to verify that they didn't tamper with the message.
So maybe this is the new hostile environment that we need to learn how to operate safely in.
Our homes and workplaces, our coffee shops and bars could all be out against us now.
I never expected our home networks to be hostile environments. But let's take this as a sign
that they probably are.
And spring is here now, so it's time to clean up our networks and make them safe again.
I'm drawing a line on my front door.
Spyware is not allowed past this point.
Thank you so much to Deadass for finally sharing this story with us.
It has been such a treat watching her progress through this over the years,
and I'm so happy to finally tell you all about it.
Hey, listen, I've got some big things cooking up this year.
I'm going to be releasing a new bonus episode real soon here, which is going to only be available to premium subscribers,
and I'm also going to be releasing a whole new podcast later this year.
This is by far the most insane story anyone has ever told me, and it's taken me eight years to make,
and it's finally in its final touches.
But premium subscribers are going to get to listen to it way earlier than everyone else.
What I'm saying is I really want you to become a premium subscriber.
So you just let me know what it is I need to do in order for you to buy me a cup of coffee once a month.
Not even 1% of you are premium subscribers.
So I know it's not you, it's me.
I need to do something to amaze you or wow you or give you something that you can't find anywhere else.
So you just let me know what is it that I can say or do.
So you chuck me a few bucks for what I bring you.
And if you're like, oh, Jack, you've given me enough.
Now it's time for me to give to you, then thank you.
I really appreciate that.
You can become a premium subscriber by going to plus.darknetdiaries.com,
and you'll get ad-free episodes
and a bunch of bonus episodes,
and you'll be the first to listen
to my new podcast coming out in a few months.
The show is created by me, the failed pro gamer, Jack Rhysider.
Our editor is AI's worst nightmare, Tristan Ledger.
Mixing done by Proximity Sound, and our intro music is by the mysterious Breakmaster Cylinder.
What's a pirate's favorite movie?
Anything rated.
This is Darknet Diaries.
