Hacked - Danabot: The Malware Operation That Infected Itself

Episode Date: June 16, 2025

In this episode: the inside story of Danabot, the malware-as-a-service platform that thrived in the shadows for nearly a decade—until a critical mistake exposed its creators. Just last week, U.S. prosecutors unsealed charges against sixteen alleged operators, using evidence pulled not from a takedown, but from Danabot’s own infection logs. Plus: a roundup of other top stories. Last week was a rerun—life got a little hectic—so we kept the mic hot and recorded a 90-minute marathon episode to make up for it. Let us know if you're into it. Hacked is brought to you by Push Security. Check them out at pushsecurity.com. Learn more about your ad choices. Visit podcastchoices.com/adchoices

Transcript
Starting point is 00:00:00 By late 2023, DanaBot had been active for more than five years. DanaBot was one of the better established longer-running malware platforms in circulation. It was modular and professional, sold as a service to cybercriminals around the world. The result, by this point, was a network of what the FBI estimate suggests as around 300,000 machines infected across dozens of countries. People were using DanaBot campaigns targeting banks and crypto wallets and government portals. And all of those attacks were feeding data back into a command and control system run quietly by a small crew of developers who made and distributed DanaBot. That meant spending a lot of time in this backend dashboard that they built for it.
Starting point is 00:00:45 And the log lines in that dashboard tell a story. Of all of the stuff that people are getting up to using DanaBot. Someone clicks the wrong link, a session gets hijacked, a password gets stolen, all appearing in this dashboard, this list of devices being compromised. And one morning, someone inside of the operation spots a log entry. At first glance, it looked like any other infected machine that had come online on the network. But eventually, they start to clock that there's something weird going on with this machine. The data trickles in, keystrokes, browser sessions, screenshots, and they go,
Starting point is 00:01:20 boy, does this one infected machine look a lot like one of our machines, which would suggest that their malware had infected a machine inside of their own infrastructure. At which point, DanaBot worked exactly as designed. The info stealer that was a core element of it grabbed and then importantly stored, saved passwords and cookies for Gmail, iCloud, Facebook, and a bunch of Russian social media services. Their real doxed info was now being stored on the DanaBot database.
Starting point is 00:01:52 A fact that would prove to be one of the toeholds that led to some of the developers of DanaBot getting unmasked. Just this past week, the U.S. Department of Justice unsealed charges against 16 of DanaBot's alleged developers and affiliates. Names, faces, real-world identities, some exposed because of this initial infection. We are talking about a professional malware operation affecting its own operators and the fallout. Let's start by talking about the story of DanaBot. Here on Hacked. Hey.
Starting point is 00:02:42 Hey. How's it going? It's going pretty good. You? I'm doing good. Jordan and I are just laughing at the fact that every time we like do the cutaway for the intro sound, we actually like play it and make it up as we go. It's at a certain point it got longer and you don't hear all of it, but it got longer than the actual theme song, which is relatively short. And then behind the scenes, there's this like
Starting point is 00:03:05 mad libed acid jazz nonsense shit going on. It is a good warm up before you. Yeah. It's the way we get the energy going to make this show. It's like that little jazzy ad, like kicks it off in our mind and we're like, yeah, we're making a show. Oh, you got it. You should hear the improv, like the scattered drums that's happening at MPR every day. It's like a jazz bar. How you doing? Good.
Starting point is 00:03:34 Summer's here. Smoke is here. Smoke being atmospheric smoke from forest fires, which has just become the standard of norm where I live. But other than that, good. It was beautiful in the evening last night, went down to the river, went fishing as a fisherman does. Just, yeah, enjoy and try to enjoy the summer, the little amount of summer that I get every year. The brief window. I will say that like every year when it comes, I feel like this year is different, but the sun isn't going down to like midnight essentially now.
Starting point is 00:04:09 Okay. And it's so strange. It's like I feel like this year it's staying up longer than it ever has. Maybe I go to bed earlier than I used to or something's, you know, physiologically changing with me. But like, now when I walk into my bedroom and I, like, had to pull my, like, shades closed and it's still bright in my bedroom and I'm going to bed. I'm like, what is wrong with the world? Like, has it always been like this? I remember, I definitely have those moments where I feel like I'm a little kid again when, especially kind of growing up where we're from.
Starting point is 00:04:38 It's like the bedtime of a small child and the moment when the sun actually goes down or like three hours apart. Yeah, at least. So you're just like laying there in bed with the sheets up and there's like birds chirping outside and like older kids playing and you're like this sucks. Yeah. And now as an adult, it kind of is just happening again. Exactly. I went through the stay up way past the darkness. Exactly.
Starting point is 00:05:03 Now I'm in the decline, the youthful decline. So you don't be back in bed at 7.30. Like, why is it so bright out? I'm fiercely protective of my eight hours of sleep every single night. And so the sun is just fully up. So certain nights. And I do it again. I do it again.
Starting point is 00:05:18 Do it again. So what else? What do we got to cover before we get into it? I think we should say that this episode is brought to you by Push Security. Sure is. More on that later. Anything else we should cover? We got some other fun stories I want to talk about after the ad break.
Starting point is 00:05:35 But up until that point, I want to talk about this DanaBot story that came across our desk this past week because of this kind of recent unmasking that happened. It's a fascinating story. It's got that fun little turn in the middle of it. I want to dig into it. Malware as a service, like to create an enterprise. Like this, I don't know, just great, great, great, great tale. Can't wait to get into it. It's always fascinating the moment when a like small underground cybercrime project
Starting point is 00:06:04 just sort of grows and grows and grows and whoopsie doodle, you got yourself a pretty real business on your hands here with like clients around the world. Exactly. You've got account managers, you've got business development people, you've got an entire engineering team. Yeah. And then the, I mean, the thing that's interesting about this is that based on where this is, we're probably a ways out from seeing any kinds of arrests. But what we do have is identities, assumed, unalleged, of the actual people.
Starting point is 00:06:35 And it does seem to have to do with this self-infection that took place that adds like an extra interesting layer to this one. The U.S. government unsealed charges against 16 of DanaBot's alleged operators. They've been running this global malware service for years until this self-infection. And these real name is real lock and credentials were all kind of unmasked. It's unfolding right now, which is why I think we should talk about it. Yeah, I'm down. So it kicks off back in 2015, 2016, with the quiet rise of a user known as Pupkin.
Starting point is 00:07:04 In the weird, murky world of Russian language cybercrime forums, places like, like Exploit.in and Verified, this new vendor appeared, Pupkin. Starts with, like, smaller products. Nothing quite like what DanaBot would become. He was selling account checkers, brute forcers, credential stuffing kits, stuff to test stolen credentials against like real world login portals,
Starting point is 00:07:25 but at larger scale than doing it manually. Lightweight tools, but like effective stuff, targeting those poorly protected logins, basically making it easier for people getting large scale username and password dumps to test out what works. Identity theft. Identity theft.
Starting point is 00:07:42 Push security. Sorry, I couldn't help myself. Pupkin is developing this stuff themselves, but the reputation, based on what I could read, they started to build more of a reputation, not just as a coder, but as like a reliable service operator. We were talking about the business side of all of this. Pupkin's thing was like, they will answer your questions. They're actually updating the tools.
Starting point is 00:08:03 They are keeping customers happy. And likely research suggests that pretty quickly, if at any point Pupkin was truly an individual, quite rapidly it probably came to represent a small team of developers and infrastructure maintainers operating in Russia and Eastern Europe. I can't help but draw the parallels in this to like some of the episodes we've done about video game cheating. Because I'm sure it starts as like one person being like, I wonder if I could build this. And it's like, okay, I built it. And then it's like, okay, I sold it to a few people. And now I have a Discord and like a Telegram. And now I have 3,000 clients. And I have a customer.
Starting point is 00:08:41 service representative and it just starts to snowball like you would hope a for-profit company would. Yeah, which this is very rapidly a for-profit business. It's the kind of thing that happens where you make something by yourself, you put it out into a community. The people you know in that community, maybe one of them reaches out saying, this is dope. Have you thought about doing this? And now you have something of a collaborator that maybe becomes a business partner and it just grows naturally the way those things do. Customer requirements expand. The scope of your product expands.
Starting point is 00:09:14 The scope of your engineering team expands. Scope of your revenue expands. And now you live in some island with a bunch of money from malware. May 2018, Proofpoint, the research firm, first identifies DanaBot in a phishing campaign targeting a bunch of Australian banks.
Starting point is 00:09:32 Victims had been getting emails with this malicious Microsoft Office document containing some macros. Macros are enabled, the document downloaded this DanaBot library, boom, they're infected. It was modular. It was built from these discrete kind of off-the-shelf components. It did a couple of key functionalities that still persisted through DanaBot's whole history. Key logging, credential dumping, remote access, information stealing. The good stuff.
Starting point is 00:09:58 The good stuff. Importantly, analysts at this time start to spot what you might expect, which is some geo-fencing logic that prevents the malware from executing inside of countries like, same with me. Shocking. Shocking. You got Russia. You got Belarus. You got Kazakhstan.
Starting point is 00:10:16 This is likely to avoid drawing the ire of local law enforcement. This is a hallmark of these types of cybercrime gangs is you don't. Putin's cool with it as long as you're not doing it to him. 100%. Yeah. Don't. I think I can say, I'm watching the language. Don't poop where you eat, I believe.
Starting point is 00:10:36 would be the, which is somehow worse than just saying it the way you, right? It sounds more disturbed. Yeah, yeah. It's not just an expression. It's like advice and it's too literal. Don't eat with your left hand. There you go. I don't know if you get the reference.
Starting point is 00:10:53 I do. I know. You've been Indian stuff. So 2018 to 2021, this is the rise, I would say, of DanaBot. It's evolving as a platform. The affiliate side of this, the buyers and renters of the malware, start getting their own unique versions with their own unique campaign ideas. They're white labeled. They're white labeling.
Starting point is 00:11:14 Yeah, white label business. Gotcha. And now the central operators through this dashboard we talked about in that intro story are able to track usage, bill the users accordingly. They're able to manage support. This is modular and scalable. It is software as a service. Multi-tenancy, they probably have all of the same. I don't know why I'm shocked by it.
Starting point is 00:11:39 Like, I'm not shocked by it. It is just a SaaS business model applied to an illegal business. Like it makes complete sense. Yeah. When you read about, when you read DanaBot coverage from this window of time, because this was, I would say, four or five years ago, malware as a service had existed, but it was getting a lot more coverage of like,
Starting point is 00:11:58 you should understand that the way this works isn't an intrepid coder goes out, builds a custom tool set for themselves, and then goes out into the world and tries to do crime. It's that the affiliates of this do not need to be coders. They can pay money. They're being sold to by salespeople. It's a sales pipeline. It's a sales pipeline.
Starting point is 00:12:17 It's literally just like, yeah, we have a business development model. We have an affiliate sales channel. We have a vice president of affiliate sales who supports them. It's like, it's just, it's like, if you called a telco, they would have the exact same structure. The idea is that like you're working with. them as an affiliate. You're working with them as a contractor. You are paying them to deploy campaigns and to collect this stolen data via this panel, this platform that they're then delivering back to you
Starting point is 00:12:45 in the form of a report. It's very, very corporate, except it's crimes out of Belarus. It's fascinating. I would typically at this moment love to use the term that I love wasted utility, but I actually don't know if this is wasted because it's obviously a very successful enterprise. Like, is it furthering the good of humanity and, you know, positive utility? No, but it's still providing utility. 100%. Yeah. So there's the self-infection that we talk about. I talked about in the intro. There were other little sort of hiccups along the way. In 2019, there was an admin panel leak. It is unclear if this is a disgruntled affiliate, just an operational security slip up. But screenshots of that, that all-important DanaBot backend,
Starting point is 00:13:35 admin panel get kind of leaked out. And researchers start to sort of figure out how this is all working. They get a sense of the scale of the bots that are operating in different countries and the number of different users. It's basically like if you were familiar with Google Analytics, but make it crime. Like people start to see what this actually looks like on the back end. And we also learned that like importantly, Pupkin's group, this dev like group is enforcing rules. They're vetting affiliates. They're imposing that geo fencing still that kicked off in
Starting point is 00:14:09 2015. That has persisted to this day. You are not going to be targeting a .ru domain or a government institution. The rules are clear and they're quite well enforced because Pupkin seems to know how to run a business. Yeah, the executive subcommittee for risk assessment has identified that a vote an infiltration at the affiliate level could pose big, big, big, big risks for them in the future. But in the meantime, it's going off like gangbusters. 2020 to 2022, it's expanding. You're getting campaigns running in Poland, in Italy.
Starting point is 00:14:44 The Italy one was interesting. They took down the tax website and replaced a bunch of banking forms with phishing fields. It seems to just that just worked. Yeah, of course. Yeah. There were, U.S., it was a lot of crypto like exchange redirection-y type stuff. You think of like 2021. It was just great time to be in that world.
Starting point is 00:15:03 Yeah, exactly. COVID's kind of hitting chaos is going. Everybody's talking about Dogecoin and how it's going to pay for their life. Yeah. And for some, it did. The other thing was that DanaBot at the start started collaborating more with other people in this ecosystem. It was being used as like basically a secondary payload deployment thing. And again, you had just a great platform by which to get crypto scams and banking scams and all manner of stuff onto people's systems. It's now becoming not just its own service, but a front door for other people's stuff to get onto people's systems. Yeah. Mid 2020, the FBI working with international partners, quietly seizes a bunch of these command and control servers used to operate DanaBot. These were the places where that back end infrastructure, the servers that received all of that stolen data, they managed the plugins, they stored all of the logs, and crucially for this unmasking that we're building to, the data on those servers doesn't seem to have been encrypted
Starting point is 00:16:08 in the same way as some other stuff. So you have basically just like full stack. Like we got bot logs. We got the configurations of the campaigns. We've got just like a really, really good document of everyone that was infected. Well, you see encryption takes up extra space, adds additional system latency. And when you're like causing,
Starting point is 00:16:29 crime. Like, if you get hacked, what's the worst that's going to happen? You know, what's the worst that's going to happen? Well, you're not poop pooping where it's bad. We need a, we need a kid-friendly version of that expression. You're not doing crimes in your own backyard where the cops are going to get mad at you. Let's just put it that way. That's, that seems to be the trick. Probably have a friendly relationship with the cops in your own backyard. You probably help make their annual bonuses with your additional tax revenues. 2023, this is all starting to get a little bit sloppy.
Starting point is 00:17:06 Analysts from Check Point, malware hunter teams start to see some inconsistencies. Just like, suffice it to say, the obfuscation starts to get a little bit poorer as the network of affiliates starts to grow. This is largely coming from like lower tier affiliates, cracked versions of the malware. I think at certain points people were pirating DanaBot.
Starting point is 00:17:25 That's so funny. That's so funny. It's like your product's so good that there's now like, you know, stolen versions of it circulating, right? There's an unconfirmed theory, um, that came up in like some of the intel research talking about like one of those self-infected machines might have revealed some internal chat logs like potentially suggesting that this period of time there were some disputes between those affiliates and Pupkin. There were, I guess what you might call customer service issues at this stage in the operations history. I really, like, knowing that they wrote geo fences to prevent their, like, you know, their malware from infecting regional systems.
Starting point is 00:18:08 It's surprising that they didn't go to great lengths to make sure that there was no protection about the malware getting on any of their actual operational systems. Yeah. Yeah. Yeah. Yeah, for as tightly run a ship as it was on the customer facing side, there were spreadsheets being manually updated. There wasn't necessarily rock-solid operational, like, underbelly to this whole thing. Some of it was extremely well done, and some of it was a off-the-shelf malware as a service
Starting point is 00:18:42 Russian cybercrime operation, and you're going to get a mixed bag with something like that. Okay. Okay. So Danabot, it's thriving. It's a little messy at this point. It's gotten quite big. The self-infection has occurred. The dashboard leak has occurred.
Starting point is 00:19:00 Early 2024, we start to get a little bit of the unraveling. Danabot, like these campaigns are still continuing, but it's becoming less popular. There's newer malware starting to make its way onto the scene. Really purpose-built. Competitors. Competitors. competitors. New competitors have entered into the market. I like this. It's good. A bunch of the accounts on like the different underground forums where like Pupkin and the rest of the DanaBot admin
Starting point is 00:19:28 team were really prominent start to go dark. There wasn't really like a big public takedown or anything or like a public doxing. They're just sort of quietly turning the lights down and loading out all of their stuff in the like cardboard boxes. May 2025, we get this big U.S. Department of Justice unsealing of these criminal charges against the 16 individuals accused of developing and operating DanaBot, this whole malware service. They go after these two ringleaders, and they cite more than 300,000 infections globally and $50 million in losses with DanaBot sold to affiliates at about $3,000 to $4,000 per month we found out in this indictment.
Starting point is 00:20:10 What really sealed the case was it would seem this initial accidental infection that we kicked off the episode talking about these develop machines that were runningly active the payload, that phoned home back to their own servers with their private credentials like any other one of their victims. You got their credentials, their panel sessions, their messages. And that's how investigators were able to use this data to correlate the hackers' aliases to real names, confirming the identities through subpoenaed subscriber information from the tech providers. Despite this indictment, none of the 16 defendants have been arrested. arrested. All are believed to be residing in Russia beyond the reach of U.S. law enforcement.
Starting point is 00:20:51 In spite of that, though, I think it's worth talking about because this kind of exposure is still quite rare. It didn't collapse because of a whistleblower. It didn't go down because of like a rival crew or anything. They self-infected themselves. They slowly just kind of started to try and turn the lights down so no one would notice. And in spite of all that, still kind of managed to bring themselves down a little bit. Yeah, kind of took itself down with its own telemetry. Good way of putting it. Thanks. I find it, I wonder, so this is like when I initially read the story, the thing that jumped out of me is, it's like, I wonder if this is giving law enforcement an idea. Say more. Well, just like, malware is used for so much bad. And
Starting point is 00:21:44 in this situation, the malware was part of what brought them down. So essentially getting access. Like, you know, for so long there's been confidential informants and there's been, you know, people going undercover. There's all these ways to try and penetrate these organizations. I wonder if the justice departments of the world are not sitting there being like, like, they're doing it. Why don't we do it to them? Because it's like it's showing how effective it is to attack these groups with their own. you know products essentially right like if to pose as a customer of one of these malware as a
Starting point is 00:22:24 service things and then inadvertent not inadvertently very intentionally try and get the tool back onto the developer's system yeah i don't know if i'd pose i don't know how the attack vector for getting it out of their system but i wonder if you don't have law enforcement sitting back being like maybe we need to fight them on the same battlefield. Sure. So like if they're going to be running in this malware as a service, malware space, like we know that we can get to them digitally if we had malware on their computers. We could do better identification.
Starting point is 00:22:58 We could see what changes are coming to further prevention mechanisms. We could, the same way that people are penetrating software packages, like we talked about the other day and things like this, and introducing malware and backdoors and rats and all the rest of this stuff. If you're in law enforcement, if I'm reading this, like if I was reading this from like a white hat perspective,
Starting point is 00:23:19 I go, wow, look at how valuable that was to our investigation. Imagine we just had some of those tools of our own, which I guess, you know, brings up a whole conversation about the U.S. government NSA and people that have moved to Russia to get away from persecution.
Starting point is 00:23:34 But, yeah, I, I have to, so I guess a few things. I would assume at this point that cybercrime law enforcement must be in the business of developing their own custom malware. Yeah, I was going to say tools, but it's like the tool being malware. Yeah, yeah. Because you don't need to get a cell, like the self-infection of this is a great hook and a cool reason to talk about it because it's, it's interesting.
Starting point is 00:24:06 But it's not necessary and it's not even that effective because it, again, because it was a self-infection, the doxed information of the developers was stored on their command and control servers, which meant that you still need to seize their servers. But if you deployed something that you controlled and you built, you don't need to seize anything. It's going to come right back to you.
Starting point is 00:24:25 Exactly. Sure. The, I looked into the technical specs on this, and it was all written Delphi, like Delphi, Delphi, D-L-P-H-I. Most people say Delphi, but I think it's properly pronounced Delphi.
Starting point is 00:24:41 Okay. That's coming from my deep knowledge of the Greek language, thanks to my wife. The, which is weird. It's a weird language. It's an old language. It's not a common language. It's just, it's a language. And it's like, it's something that, like, I know hundreds of software engineers,
Starting point is 00:25:00 and I might know one that knows Delphi. Interesting. Yeah. But. I wonder what that suggests. I don't know. Probably. My initial reaction when I heard that was that Pupkin was probably older.
Starting point is 00:25:14 And that's only because people that I know that know Delphi are typically older, university professors, people like that. It's not a language that many people learn nowadays. Like every software engineer knows Java TypeScript, but none of them know Delphi. Interesting. Yeah. Huh.
Starting point is 00:25:34 Yeah, it seemed it was very well established. And I'm struck by the fact that its collapse and kind of them just sort of turning the lights off on themselves lined up with this much larger rise of like malware and stealer logs and session hijacking as a service type products. They got cheaper and cheaper and cheaper. These big bulk info stealers. Like there was a little bit, there was a bunch of these tools flooded the market around this time and got just like a glut of credentials flooding into the market, pennies per victim, it got really, really cheap. There was, in our market term, sort of a race to the bottom a little bit that didn't necessarily
Starting point is 00:26:20 lead to the self-infection, but probably did lead to the breakdown of the operation, which may have contributed to the breakdown of the operational security, which may have led to that breakdown of, which may have led to that self-infection. Like there was a race to the bottom in this marketplace and this pretty well-built, thoughtful piece of software suddenly was struggling to confirm, to compete. And I found that part of it pretty interesting. Let's hang and talk about the self-infection momentarily. Yeah. Like I'm just thinking about it.
Starting point is 00:26:53 Like if you are saying like geofenced off, like say our entire engineering teams in Russia are executive. Interesting. Sure. And all of our computers are immune to it. Yeah. What do you think the chances are that somebody got it when they went on vacation? No, I know what you mean. It's like if theoretically one of the like special rules of this service was you don't go after people in your own backyard. And one of their own people got got, it's like, okay, well, was a member of the team outside of that geo fence?
Starting point is 00:27:28 In which case the geofence was rendered poorly, were they typically outside of that geofence? Or did they connect to the network while they were traveling to your point while they were on vacation? It's like, I don't know what the story is, but if you look at what happened and you looked at the rules of this service, something happened that allowed that to sneak on through, and it's unclear what it was. Yeah, apparently they had 150 daily active command and control servers, which is a lot. And they were running approximately a thousand daily victims. So like, oh, as a service.
Starting point is 00:28:05 Yeah. Yeah. Like, we've talked about bit lockers and, like, encryption malwares that, like, lock you down. They have to pay for the key. So I'm just wondering, like, it would be fascinating to know the revenue numbers for something like this.
Starting point is 00:28:20 Like, whenever we talk about these businesses, I always run some dumb calculation. But, like, a thousand victims a day. Like, obviously, they were charging three or three. or $4,000 a piece. But as the ecosystem goes, like, what was the actual, like, financial costs would be fascinating to know how much money they were bringing in. I saw, so I think that the charges, and this would all be negotiated in a court environment, but I think the charges estimated a $50 million in damages.
Starting point is 00:28:50 Yeah. That's actually not crazy high. No, because I think a lot, it's like they were doing huge scale, but I don't think any of them were massive. I'm sure that some of them were very large, but the vast majority of them were zero. I think a lot of the time you're not getting the hospital that will pay anything to get out of a ransomware situation or you're not breaking into the crypto wallet with, you know, five million dollars in it. A lot of the time it's... We're picking up pennies here. Yeah, yeah, yeah. But still, a non, a pretty real amount of
Starting point is 00:29:21 money. So the, one of the things I thought was interesting is aside from not being persecuted by Russian authorities, even though they've been identified. A lot of their activity actually happened. They had spikes in activity that aligned with Russian geopolitical interests. So when Russia invaded Ukraine, Ukraine got hit, blasted with a DanaBot attack at the same time. Huh. Shows you there's a little bit of, I'm motioning my hands side by side, but. Yeah, sure.
Starting point is 00:29:56 Alliance maybe. Some collaboration. Collaboration. Yeah, big companies, maybe a sponsorship for a presidential campaign. Donate some money, buy some political leeway. If you're not doing it, what are you doing? It would make sense that you don't mess around inside of the geo fence because you don't bug law enforcement.
Starting point is 00:30:22 And maybe you curry a little favor with law enforcement. Yeah, that all seems very plausible to me. You'd also talked a bit about how there were modified versions of it and, you know, the white labeling aspect of it. There was also a version of it created that explicitly targeted military and diplomatic systems. Well, there you have it. Well, there you have it. Well, there you have it.
Starting point is 00:30:49 Maybe not so not state run. after all. No, I would, I think you might have connected the dot there. So I think that's DanaBot. I think we're going to kick it over to some, some, some, some commercials, however briefly, a little ad water slide. And when we come back, boy, am I excited for us to talk about a big old AI powered software engineering platform that wasn't.
Starting point is 00:31:19 Recently, Jordan, somebody that the two of us know forwarded me an email and said, hey, I can't log into this Microsoft platform. Do you have any, can you try and see if it works for you? And I said, sure. I immediately looked at the URL that it was, the link was going to, and it was deployed on some Indian engineering company's server in some non-exposed directory, and immediately knew what was happening, and it was adversary in the middle.
Starting point is 00:31:54 So it had a full, full version so that the password manager would use your password manager passwords. It was coming from Microsoft, but it was definitely not Microsoft. And yet it was using the password manager. That's spooky because I feel like a lot of people rely on the password manager to correctly identify that the site that they're logging into is the right, real one. Yeah, so we talked about this with Adam, the episode, and I immediately identified it, noted it, messaged them back and was like, hey, you know, this is a phishing attack.
Starting point is 00:32:30 You've been phished, change your login creds immediately. Oh, scary. And yeah, that happened in our circle quite recently, which brings us to the sponsor of the show, Push Security. Because those kinds of things, like phishing, credential stuffing, session hijacking, and account takeover are now the number one cause of breaches right now. Yeah. And with the ability to trick password managers into still delivering the username credential and passwords, why wouldn't you? Exactly. And meanwhile, most of the security tools people use are still
Starting point is 00:33:05 focused on endpoints, networks and infrastructure. And meanwhile, the browser, where all that gnarly crap went down, the actual place where people work has been mostly ignored. And Push, they're trying to change that. They built a lightweight browser extension that observes identity activity in real time. It gives you visibility in how the identities are being used across your organization. When logins skip multi-factor, when passwords get reused, and when somebody unknowingly enters credentials into a spoofed login page. Then when something kind of sketchy or risky is detected, Push can go ahead and enforce
Starting point is 00:33:38 protections right there in the browser. There's no wait. There's no tickets. It's just visibility control directly at that identity layer. And it's not just about prevention. Push also monitors for real-time threats like adversary-in-the-middle attacks, as we saw here, stolen session tokens and even newer techniques like cross-IdP impersonation
Starting point is 00:33:55 where attackers bypass SSO and MFA by registering their own identity provider. It's kind of like endpoint detection response, but just for the browser, honestly, very, very relevant to your case study. Yeah, it was someone's client's email got hacked and they drafted a perfect response email and sent it out to a bunch of people that looked exactly like one of their emails. Like seeing the power of AI and the scripting, like it was, it was, hey, we have a request for proposals. Please download it at this link. Thank you, blah, blah, blah.
Starting point is 00:34:28 Here's the timeline. Like, it was nailed. It looked and was a perfect email clone because it came from a hacked email account. Yeah, of course. And then it just had an adversary in the middle link to get to those RFP documents. Boom. Anyway, back to Push. The team behind it's great.
Starting point is 00:34:48 If you want to know more, listen to the episode we shot with Adam. Amazing. There's literally no better way to understand what this company does than to listen to that episode. Identity is the new endpoint. Push is treating it that way. Go check them out. Pushsecurity.com and listen to that episode with Adam if you haven't because it is awesome. Pushsecurity.com.
Starting point is 00:35:12 Think about the last time you heard a breach story on this show. It always starts the same way. Someone somewhere saw something too late, an alert buried, a signal missed, an SOC that just couldn't keep up. Arctic Wolf set out to solve that problem by rebuilding security operations from the ground up for a world where attackers are already using AI. They created the Aurora superintelligence platform with a fully agentic system powered by the swarm of experts. Instead of single-purpose bots or lucky-guess LLMs, this swarm is full of deterministic agents that handle whole entire workflows.
Starting point is 00:35:46 Humans stay in the loop and on the loop to validate the critical decisions and keep everything trustworthy, and all of this is just off running on their secure operations graph. A constantly updating intelligence engine fueled by more than 9 trillion telemetry events every week and over a decade of real-world incident response. The system reasons on real signals and real context not synthetic training data. And the result is the new Aurora agent SOC. It's the first SOC that is agent led by design. You get agents that coordinate, agents that investigate, agents that respond at machine speed,
Starting point is 00:36:16 and hundreds more that automate the repetitive work that normally buries human analysts. Arctic Wolf didn't try and bolt AI onto an old model. They rebuilt the model entirely. What makes it even more effective is how it works with Arctic Wolf's concierge experience. The team brings customer-specific context directly into the platform so every AI-driven decision reflects your environment instead of generic assumptions. The automation frees your concierge security team to focus on higher value strategy and proactive risk reductions while the agents handle the grind. If you want to see what trustworthy, production-ready AI and security operations actually looks like, go to arcticwolf.com
Starting point is 00:36:55 slash hacked. Ever feel like cyber threats are evolving faster than anyone can keep up? Last year, 2025 was nothing short of a record-breaking year for major breaches, from sophisticated ransomware operators to AI-enabled attacks that turned defenses on their head. Organizations around the world saw headlines they never expected and cybersecurity teams were tested like never before, but here's the thing. These incidents aren't just news headlines. They're learning opportunities.
Starting point is 00:37:23 And that's why Arctic Wolf is hosting a live webinar on February 5th, diving into the most impactful breaches of 2025. Their field CTO and security leaders are going to unpack not just what happened, but why these attacks succeeded. And most importantly, what businesses can do to fortify their defenses before it's too late. You're going to walk away with real insights into how threat actors are evolving, how defenders are responding, and what strategies can help you stay ahead of the next big breach.
Starting point is 00:37:47 It's not fear mongering. It's practical, actionable intelligence from experts in the trenches. Register now at arcticwolf.com slash hacked. Jordan, I'm excited about this one because we get to talk about fraud that's not crypto-related. Hey. No coins in this one. If you're not up on it, which I hope some of you aren't because it's a good story. This is a story about an AI company that wasn't.
Starting point is 00:38:20 and about a bunch of money that was invested and a bunch of things that were supposed to be happening that just turned out to be a room full of Indian software engineers. There's just so much buzz around like no, no-code platforms and vibe coding and you can make anything just by sort of winking at your computer. Like that's the moment that we are living in, and it is admittedly, and like it's, it's a very exciting moment, many of these tools so extraordinary. And these brave people ask the question, what if, what if we just lied about that? Wait, here's the, like, I have so much to talk about this, but like here's the trigger. This company came out in 2016. So like we're talking way before
Starting point is 00:39:12 the AI revolution started. So these people came out and said, we have the ability to do this. We're doing, they said back then that they were doing what we're doing now. Yeah. So like, and it's not, I think they're trying to move away from the no code world and they're calling it natural language coded or like it's all based on NLP. But whatever, same thing. You're not writing any actual source code. So no code works for me. But like these people were like, I think, I think the AI revolution and how good it got is what killed these guys.
Starting point is 00:39:44 because they were running this scam. So, okay, I should go back and tell the story what this is. So Builder AI, Builder.ai was a no-code platform. Originally started as Engineer.ai. It was founded out of London, England. And they essentially made the same promises that you're seeing by things like Replit and Lovable and stuff today.
Starting point is 00:40:06 You go in, you type a natural language prompt, and instead of getting instantaneous code back, you eventually get code back. because, you know, humans were writing it rather than robots. Anyway, so they raised boatloads of money, securing valuations as high as $1.5 billion, I think on their last raise. They raised $250 million from Microsoft in 2023. I think that was their last big raise.
Starting point is 00:40:37 Yeah, $450 million total before the whole house of cards came tumbling down. Correct. And here's what I think is funny is they, it worked for so long and, and convinced so many smart people, and they tricked so many people. And I think the thing that killed them was the fact that AI actually showed up.
Starting point is 00:40:58 You're right. Like they could have just branded their company as Engineer.ai and then just claimed that, I don't know, the AI was a room full of Indian software engineers, and really what they were writing was a, was like an outsourced channel model, affiliate sales vector, pipelines, the whole nine. And, and I think what really killed them is they probably, when people showed up with real AI that could do this, they were like, why does yours take so long? Yeah. It's like, well, there's actually people doing the work. So yeah, we, we should talk through the timeline of this because
Starting point is 00:41:33 I find it interesting but like I wonder if maybe what happened was that for that 2016 to 2020 pre-ChatGPT era of time. They were able to hide behind a story of like, well, this is proprietary. We don't want to show off exactly how this is all working. What you need to understand is the user experience. You submit this prompt and our AI coding assistant Natasha will automatically do the software development and deliver the code back to you. 2020 pops off and everyone goes, oh, LLMs, tokenized natural language.
Starting point is 00:42:03 Got it, got it, got it. So that's what you've been doing. Can you show us that now? It's no longer proprietary. You could show us how your LLM works, you must have one of those, right? Show us your agentic system. Sure would be cool if you did because the other company that has one is now worth a
Starting point is 00:42:17 good trillion dollars. And I would imagine that's the moment where the lie gets really, really, really hard to keep telling. Yeah. Yeah. So they had apparently upwards of 700 full-time engineers manually coding projects in the background. So really what this is is like labor cost arbitrage.
Starting point is 00:42:36 It's like we're selling like this expensive service to, you know, first world countries with high GDP per capitas, and then we're leveraging cheaper smart labor, like, but just literally labor cost arbitrage. And it, they worked for them for so long. They probably did exceptionally well. But the problem is that they were hiding behind this veil of like, it's an AI product. And there was no AI product. Like, had they, I don't know how, maybe they needed the risk assessment committee that we heard about in the first one. Sure. They needed the Russian cyber crimes. Risk assessment.
Starting point is 00:43:13 Knowledge and expertise. Because the second, like, they would have had the jump to become the Replit and to become the Lovable. Like, they were already in that world. If they saw this stuff coming and were keeping up on it, plus the fact that you have 700 full-time engineers, like if you allocate a portion of those engineers over to actually building the AI tool that you're supposed to be, they probably could have done it. And nobody would have noticed. Yeah, sure. And the timeline of it is just so, from their perspective, such a bummer. The initial, so there had been this like years long period of time where there was a bunch of skepticism that this was real. The Wall Street Journal investigation that exposed
Starting point is 00:43:58 that the claims that this was, I think their phrase was, this is human assisted AI. And this Wall Street Journal report comes out saying like, that is, even that seems to be a wild overstatement of what is really occurring here, which is as to you, as you said, like, software developer salary arbitrage. That happened in August 2019, like five seconds before all of these LLM tools would have come out and they would have had a path to genuinely becoming the thing they were pretending they were, which was human assisted AI. If a couple more months, they could have gotten all those developers using AI and they could
Starting point is 00:44:37 began that process of becoming the thing they were saying they had been since 2015 by the skin of their teeth. See, but like if I, if I'm the CEO of this company. Yeah. And I'm committing fraud. I'm just trying to think of a nice way to say. But there isn't. That if is so important in that sentence, Scott.
Starting point is 00:45:01 If I'm committing fraud. If I'm the CEO of this company and I've been selling a lie. Yeah, sure. The second that that lie starts to become reality in the market, I would be adopting it as quick as humanly possible. Like they, like, that's the thing. They were first to market. They had the brand awareness. They had the investment. They had the relationships. Like, they could have come in, adapted some of, like even in 2016, 2017 to say that you're a human assisted AI,
Starting point is 00:45:34 it would have been still revolutionary. Like the no-code platforms and stuff back then were kind of garbage. But you'd be moving in the right direction. As long as you were adopting and implementing those technical innovations as they came out, by the time that everybody else was sitting around saying, hey, we could build something like this thing called Replit and just build this agentic system, you'd already have it. Like they could have made the pivot so cleanly.
Starting point is 00:46:02 Yeah, sure. They just didn't. Yeah. So you've got two different things in this one. You've got the sort of maybe, let's call it misrepresentation of what AI was doing and what humans just paying less than they were charging were doing. There's also just some really good old fashioned misrepresentation of revenue. Yeah, classic. As this has all been collapsing, it's, it's looking like Builder.ai overstated its revenues by like three to 400%. They claimed $220 million in 2024 when the real figures were closer to like 50. Still a lot of money. But it just sort of speaks to maybe a board that lacked some independent oversight, not much of an auditing committee or like even really a CFO and just like unchecked founder control for a very long time with a very large amount of money at stake. Well, the other thing too is that like, you know, obviously there were whistleblowers that led to
Starting point is 00:47:01 the exposé in 2019. Yeah. In 2023, the CEO is given the Ernst and Young UK Entrepreneur of the Year award. Yeah. Like four years later, he's still being celebrated in the tech and business community. And it's like... Yeah. It's worth maybe talking about it's like he, so much of this, we've covered a few stories that get into like the world of VC culture. And you realize just how big of a thing, just reputation is in this thing and how far reputation can carry.
Starting point is 00:47:34 you. I think he described himself as the chief wizard, but really the founder of Builder AI was a guy named Sachin Dev Duggal. And he's a very celebrated entrepreneur, as you said, celebrated the World Economic Forum in like 20, 23 back in 2009. He was the CEO until 2025, like five years after this whistle. Like until now. A few months ago. Exactly. Like a very well respected person and their entire, like, it was a very legitimate seeming company. It had very real serious people. And I've been watching the Theranos show and I'm not drawing a parallel between those things right now for legal reasons. And yeah. Well, the, it's, it's funny. So yeah, they step down the CEO, the CEO steps down February 2025, goes on the board. Uh, they hire in and bring in a
Starting point is 00:48:25 CEO, Manpreet Ratia. Sorry. The previously held senior roles, Amazon, Citibank, Flipkart, a bunch of like a senior business tech leader. And they come in and they just go, oh my God. Like they see, they see behind the veil and they're just like, this is not. This is fraud. This is AI washing.
Starting point is 00:48:52 Yeah, yeah. A strange new con, but a real concept. It's like you are, you would think it would go the other way that it's like, oh, this is pretending to be human labor and human creativity and human effort. And it's like,
Starting point is 00:49:06 oh, it was actually just an LLM. It's like, weirdly in this investment ecosystem, you're better off going the other way. Yeah. I haven't heard that. That's good. Yeah.
Starting point is 00:49:18 Well, and it seemed to have gotten, so we talked about the investment, $450 million, Microsoft, the Qatar Investment Authority, SoftBank, like large-scale institutional investors that you would think, you would think, to be frank, the due diligence process might have revealed fraud? Like, I think it might have revealed this.
Starting point is 00:49:41 So you already made reference to Theranos. Sure. Yeah. I don't know how we can not talk about the. Well, and that, again, brings me back to the story that you can tell, which is like, oh, this is proprietary. We're not going to let that auditor into this room. He used to work for our competitors.
Starting point is 00:49:57 We're not going to let that person come take a look at the lab. They used to work over here. You can thread that needle for years. Like, I'd read the Theranos book right after it happened. And I know that I think there's a movie coming out, isn't it? Or a mini series or something? There was a show that I've been watching. It was quite good.
Starting point is 00:50:14 So it's already out. Yeah, I haven't seen the show, but I did read the book way back. And it's this. Like they were claiming that they had this intelligent, blood testing solution and then they were just actually mailing blood samples back and testing them in a lab the same way everybody else was. And it's like here it's like we've got this intelligent software development platform and instead they're just mailing software requirements documents back to India and having people build them. It's like same same. Yeah, it's a story like our first one where you have actually surprisingly well run Russian malware as a service operation.
Starting point is 00:50:52 Exactly. It's still kind of unraveled a little bit because of a lack of like thorough checks and balances inside of the operation. That like to see something similar happening here where you have 400, the better part of a half a billion dollars from like Microsoft and SoftBank invested in a platform. It's like it just hits really, really differently in a story like this. Yeah. It's also funny because it's like they talk about it. And I'm just going to keep talking about Theranos in a relationship. But same thing happened there, where it's like you're getting all these marquee investors.
Starting point is 00:51:25 You're getting these big VCs. You're getting all this real money. You're getting these board members that are all greens is on board. Like all these little signifiers of legitimacy keep coming out, keep coming out. And everybody wants to miss out on the technological revolution. But all of a sudden you get this like halo. You're like an angel and you're protected. And all of a sudden nobody can scrutinize you.
Starting point is 00:51:49 There's whistleblowers that are calling the Wall Street Journal and they're writing exposés about how you're a fraud, but nobody listens to it because Microsoft just gave you $200 million. Yeah. Well, you've got a bunch of money and this journalist just has a grudge and you're going to fight every single point and you're going to sue the newspaper and, and, and, and, and, and it's all sort of secondary to the larger point that the accusations are maybe true. But it is, there is a bit of irony here that, like, there's so much discussion about, like,
Starting point is 00:52:20 Is software engineering going to die? Are AI going to take all those jobs? And these are the people that were doing the socially just thing. And they were taking the AI money and giving it to the people. Giving it to the people. In this TED talk, I will argue that what I did, what you call fraud, was actually the most moral choice of all. Before we move on, how is the Theranos show? I'm intrigued.
Starting point is 00:52:45 It's pretty, it's quite good. I'd say the show has a little bit of padding. It's like if it was one episode shorter, probably all of the episodes would have been better. I will say Amanda, I think it's Amanda Seyfried is the actor who plays Elizabeth Holmes. Tour de force performance as far as I'm sorry. I think she crushes it. Does she do the voice change and everything? And you watch it happen and you watch her like test it and then someone calls her out and she waffles on it and then she tries it again and like the introduction of the Elizabeth Holmes voice is a
Starting point is 00:53:20 It's almost a plot point. It should be a plot point. It really is so much about who they were as a person. It emerged with, yeah, how they, how they understood perception. If I'm remembering right, accompanied the emergence of the Steve Jobs turtleneck, which sounds like I'm making a joke, but I'm not. You're not. Like, the sort of like Steve Jobsification of her became a bigger part of her identity,
Starting point is 00:53:45 the more like flak and the like harder the hustle was getting. I feel like we're ruining ruining plot points for listeners, but I think we should cover this just in like the tiniest thing. So Elizabeth Holmes, founder of Theranos, was worth doing. Fraud, blood testing, making these like mobile blood testing units.
Starting point is 00:54:05 You could just like go into Walgreens and you'd get a blood test done in like a short period of time. Anyway, it turned out it was the same as this. They were taking blood samples, mailing them back. They had a machine called Edison, whatever. But Elizabeth Holmes apparently was obsessed with like Steve Jobs to the point that she adapted and manifested and projected Steve Jobs energy, black turtleneck, the whole nine, glasses. And she changed her voice to be lower and more manly because she thought it commanded more presence and more authority. So fascinating character to have a show based on.
Starting point is 00:54:47 Also, in recent news, her partner is now founding a blood testing company based on technology and AI, so TBD on that thing. Of all the businesses you can start, my guy, like, what are you doing? Like this company, Builder AI, I think, hit one and a half billion peak valuation on fundraising. Theranos hit nine billion. Yeah, it was being set up to be the Apple of medical. technology. The way people talked about it, she is Steve Jobs, not initially, but now reincarnate. She is here to take this giant, slow-moving colossus of an industry and to make it digital and
Starting point is 00:55:30 modern and sleek and move fast and break things. And the fact of it was that they just couldn't crack the technology. And you keep raising more money and you keep making more deals and you keep raising more money and making more deals, but you just don't have a machine that does the job you're selling. At a certain point, you run out of track to lay in front of the train that's already moving and it crashes. Fascinating story does remind me of Builder.ai. Totally. Complete parallel for me. Completely. Except for Builder.ai got ran over by the thing that they were actually supposed to be doing. This is true. Theranos just got caught lying about doing something that they couldn't do. Yeah, it would be as though someone else had come along.
Starting point is 00:56:14 with small the whole point of their thing was that you don't need to take a bunch of blood and people that are constantly getting blood tests have to have blood drawn all the time it's apparently like a really really like traumatizing experience for people that are like going through some kind of long-term medical care and constantly have so much blood drawn so it was tiny little blood samples and it would be as though someone else invented micro blood sample thorough full panel blood testing in the middle of them lying saying they had invented it's like oh how did you do it Show us yours and we'll show you ours.
Starting point is 00:56:48 Show us yours. You want to just speed run some little news stories before the end? It's been a minute since we've chitty-chatted. Yeah, let's do it. Let's do it. I guess first and foremost, Dub-dub, Apple WWDC just happened. Crazy. You got any thoughts on that one?
Starting point is 00:57:03 God, it took them long enough. It would be my main thought. Yeah. As somebody that's been waiting for an iPad version of the MacBook forever, Like, I recently bought an iPad, Jordan knows this, because I wanted something to write notes on. That's literally the only reason I spent a grotesque amount of money because they are so expensive now. I could have bought another MacBook for less money than an iPad. Yeah, they're not cheap.
Starting point is 00:57:28 The, I don't know if that's actually true, so don't hold me to it. But it was so much money that I feel like I could have bought another laptop. Yeah, it is just like, why did they not, like, iOS is based in macOS. Like they're the same core, essentially, different like UI kits, but like the new iPad at UI kit is so similar to just macOS, and I imagine Liquid Glass, the new UI template, yeah, is gonna come to macOS. Like they're just gonna be the same. So like, can we just make them the same? Never. No, they will literally never do that. I love seeing windowed management. I love that they just gave us like a menu bar and the, the stoplights
Starting point is 00:58:13 in the upper left-hand corner, all great. I love that. It will make things a lot more efficient. Finder and the horrible files app converging towards Finder is good. The old ism, which is that you buy a Mac, you're buying a computer, you buy an iPad, you're buying a list of things you're allowed to do. Totally. Still remains unfortunately true.
Starting point is 00:58:35 This episode will be edited inside of Logic and I will use plugins that I am not able to use in the iPad version. It's like, well, until my core functionality of a computer is added to the list of things I'm allowed to do on an iPad, it can't become my daily driver. But we inch ever closer. My new iPad Air has an, like, I can buy a MacBook Pro with the same, like, logical infrastructure as my iPad has in it. It's the same chips. Same chips. So, like, why can't I just run Mac, like, why can't I just choose to run macOS on it?
Starting point is 00:59:12 Like, just let me. No, but what if instead? What if instead? We used all that processing power to run the bougiest animations on everything you've ever seen in your entire life. Yeah. We call it liquid glass. Which I don't hate as much as some people, but I am assuming is going to have to change so significantly before the actual launch in September because it is quite often completely unreadable. Um, yeah.
Starting point is 00:59:45 Yeah. I, if we want to talk about UI design, sure. Yeah. I think it's cool. I think that usability wise is going to be tricky, especially for accessibility. Um, is it so groundbreak. Like, do Gaussian blurs and lens effects impress me? Like they were in Photoshop too.
Starting point is 01:00:08 It's like, Windows Vista is the thing everyone's acknowledging is that you've done this like refractive light glass thing. Totally. Like that's, it's nice. It's fine. It's cool. The one thing, and you brought it up and you may take to it is that like the amount of processing and rendering power, people that have seen running the dev version of iOS 26, I think is what's called. Yeah.
Starting point is 01:00:29 They're doing 1920. They're doing the car naming thing. Anybody that I've seen running it talks about how much detail is rendering into every UI piece. Like the new finder app has like drop shadows and shading. and renderings and yeah, knowing that as a gamer, the first thing I do on Windows is turn all of that off so that my computer runs faster. Certainly. When I'm talking about a mobile device with a mobile device battery in it, running non-mobile
Starting point is 01:01:02 device chipsets, like I'm in no rush to care that I'm going to have beautiful Gaussian and drop shadow blurs and blah, blah, blah. I'm going to care more about the fact that my iPad gets more than two hours of use before the battery dies. Yeah, exactly. But don't worry, we're making a thinner phone at the expense of the size of the battery. It's going to be a lot of fun. Yeah, that's interesting. I was sitting there with a clicker. I didn't actually do this, but I was metaphorically sitting there with a clicker trying to count out every time they said the word Siri in the talk. Oh, really? Like just in the back of my head. And I didn't watch every second of it, but I would guess maybe one time they brought it up. There was like a very
Starting point is 01:01:43 fascinating talk about Apple Intelligence and Siri without talking about Apple Intelligence in Siri because we are in this little window of time where they have made a lot of promises they clearly haven't quite caught up with. Which is funny because there were stuff inside of this that is what the Apple Intelligence announcement probably should have actually been. Really, really good translations using onboard LLMs. That's a great table stakes for a mobile operating system in 2025. Keep it coming. There was a lot of little quality of life things depending on, like, nice locally run LLM that you can tell the Apple
Starting point is 01:02:25 story about privacy and on-device and it's your thing. All of that's great, but now it's in the shadow of this like, Siri will be god, Apple Intelligence will run your life for you story they told like nine months ago, and they're sort of just like, they painted themselves into a corner. Let's, let's, let's hang here for a sec because I am and I know a lot of other people who are like into AI, like I will now say that I'm like into AI. I'm like an AI guy. Apple is shockingly behind. Oh, yes. For a company that has endless money. Yeah. Yeah. Yeah, no, it's like a problem. It's like, yeah, it's like the building is on fire. Like it looks little toasty in there. Like, yeah, I don't know. Like, like, Siri has been around for so long.
Starting point is 01:03:19 They have made like, and this is not a knock on the Siri team. I'm sure they're doing things. But as a user, yes. It doesn't feel like Siri has improved since the first time I used it. No. I use, I use Siri to turn on and off smart lights in my house and that is it. Oh, and by the skin of its teeth, going to do it. Like, it's really rich. And that alone is like a nightmarish scenario that it doesn't understand 90% of the time. And it's like, and nowadays we have like the Johnny Ives, which is not the right pronunciation of his name, moving to OpenAI. And they're talking about making a screenless AI device. And it's like there is, there's good, like I can have a conversation with Grok.
Starting point is 01:04:08 Who else has voice mode? Open AI. Gemini has voice mode. Geminiaz is great. Yeah. Yeah. Like I can have conversations with these AIs that are doing deep research and, you know, retrieval augmented generation and all kinds of stuff in the background.
Starting point is 01:04:22 And then I asked Siri to like turn off the lights in my office and she's just like. Playing lights. And you're like, what? No. I don't want to listen to some electropop. It's really not good. No. Here's my theory.
Starting point is 01:04:36 So in the, in Dubdub this year, they also spent a bunch of time on Spotlight, the Mac tool where you command space and you can search for files. And it's always been very useful, but a little half baked. There were a bunch of secondary pieces of software like Raycast that like gave you a bunch of functionality. You're kind of together shortcuts. Exactly. And I would say some of them got Sherlocked a little bit, which is to say Apple built their functionality. Exactly.
Starting point is 01:05:02 If anybody doesn't know Spotlight was stolen from a third party, not stolen. God, I'm going to get myself in a short. trouble on this episode. All of the functionality that it's in Spotlight now wasn't originally in Spotlight, and it was a third-party app called Sherlock. Which has since become a shorthand for this kind of thing happening. Anyway, there's all this functionality now built into Spotlight. You can string together shortcuts. You can tell it to do pretty complex things. And it's a tag-based system. You need to activate the like little like I'm sending a message part of it. But in Spotlight, you're like, oh, this is all of the hooks into this system in a little text box.
Starting point is 01:05:49 Not quite a natural language text box, but you're dangerously close to having a thing that is closer to what Siri should be in Spotlight than what Siri currently is. And so it's this question of if you build all of these hooks into the operating system, You get spotlight to the point where can almost use the computer for you. You've built a lot of the scaffolding of saying, now we're just going to run a large language model on top of it that can connect through to those. And I would bet an API that you can expose to other large language models that's like, here's the couple hundred hooks that we use to get into Mac OS.
Starting point is 01:06:25 If you're approved, you can hook into these two. And people can say, you know what? Same as I use Google search as my default in Safari. I would like Gemini to be the default voice conversation, voice assistant. And yes, I would like to give it permission to use my system for me. Yeah, well, a couple things to that. Yes. That API hook for other system has already done.
Starting point is 01:06:51 OpenAI built. It's called MCP, Model Context Protocol. And essentially all of the feature set that has been exposed to Apple shortcuts and all the rest of those, all those application interactive functional exposures will all be bundled up in MCPs eventually. And not only will Apple's OS provide an MCP, but each of those apps will have one. I can't remember who said it, but somebody recently said, like, if you're a SaaS company and you're not exposing your stuff on MCPs for agentic use, then you will be replaced by a
Starting point is 01:07:27 system that does. That does, because that's how people are going to be querying these systems. Correct. The next thing I'll tell you is, I'm not I'm not sure what you use for web browsers, but one of the things that I found helpful is there's like this, I can't remember exactly what it's called. Let me just pull up my settings here, but I'm using Firefox and there's the ability to do like custom search engines. So you use like bang GPT or bang perp. Like so when you open up a new tab and you have like the Google search or like the search bar comes up, I started with like, like, exclamation point GPT.
Starting point is 01:08:01 and then anything I type gets sent to ChatGPT 4.1. Anything that I typed after bang perp goes to Perplexity. Anything after bang grok goes to Grok. And so it's like 90% of the time when I'm Googling stuff now, I'm using Googling as a verb. I'm not even sending my questions to Google anymore. I'm going to one of the AI assistants. It's bringing me back a summarized, cited answer
Starting point is 01:08:28 with exactly what I'm looking for rather than me having to spend 10 minutes looking through pages looking for it. Which I think you bringing up connects through to my biggest argument for why Apple might not want to be territorial about the LLM natural language layer that lets people interact with the computer being theirs. Like there's an argument to like, yes, we have a lightweight LLM right on the phone privacy. Great. That's cool.
Starting point is 01:08:59 People hate Siri and they've been getting breached. cruised up by that for years. So how much they want to own that conversation layer is undecided, probably dependent on the quality of the model. But the bigger argument is that right now Apple and Google are in this like tango of antitrust cases with the U.S. government, European regulators, around the world, dependent on these questions, very old questions of how many billions of dollars is Google allowed to pay Apple in order to be the default search engine? How much money is a company allowed to pay before it becomes an antitrust issue and going, you know what? You're right. We should never have been letting them pay all that money for search queries. Now the large language model layer,
Starting point is 01:09:41 which no one can say there isn't a lot of competition for. Totally. You can say that about Google search, but you can't say it about the LLM layer. That we let tons of people give us billions of dollars to put that on the iPhone. And I'm like, that to me is a really, really good argument to build your system in such a way that if people like talking to Gemini, you can let them control the iPhone with Gemini. It sounds very unappily, but it seems like all of the signals are pointing in that direction. Yeah. I'm not an Android user, but know a lot of people that are. And my brother got a new phone at Christmas and had it, and it came with Gemini Pro. And it was still 1.5 pro at that point, I think. I don't think 2.5 was out. And it's no longer pro. They've dropped the pro,
Starting point is 01:10:22 just so you know. It's now just 2.5. But the... Google changed a name and a thing and made it confusing in the process. Yeah, exactly. Shocker. But he'd like never really used it. And I was just like, we would be sitting having a conversation about something. And I'd be like just ask Gemini. And he just like got into the habit of being like what percentage of vote, blah, blah, blah. Like any question you have.
Starting point is 01:10:46 And boom. Talk to your computer. Yeah, talk to it. It's just puking out cited answers. And you're just like, there's the answer. Like we could have sat here and argued about it for 45 minutes. Now we have the answer. Yours can do that now.
Starting point is 01:10:58 Yeah. Yeah, I think that's going to be that spotlight. I'm very excited as an iPad user for window management in 2025 on my $1,000 computer. Mind-blowing concept. But I think the actual future of all this stuff was hidden in that little spotlight demo where it's like, oh, you can kind of talk to it a little bit. Oh, you can have it string together shortcuts and do things recurrently almost like a little
Starting point is 01:11:21 a, oh, like there's a lot of functionality hidden in that like five minutes of the demo. So I'm just going to go back in time here. even sure if this was on the episode or just in a passing conversation that maybe you and myself and maybe me and a friend of the pod, Matthew Satchel had had, or Matthias, the art director who did our art for the show, is I made that same argument when Siri came out originally. I was like, they have all these hooks. They just need to expose it to Siri. They need to do all this stuff. They just need to like, they're building the ecosystem. It's going to be good. That was 10 years ago. It's still not good. Like it has those hooks. Siri has those.
Starting point is 01:11:58 those hooks. I'm just hoping they get a reasonable voice model to run Siri. I think Spotlight shows that they're panic building the hooks in the background. Yeah. It's just how they go about exposing them to those LLMs because Siri was always a non-LLM based conversation. Yeah. Okay, well, that sucks. We know that sucks. We know this rips. Just put it all together, guys. Like, you have all the parts for this to be good. I watched, I did watch, I actually didn't watch Dubdub the whole thing, but I watched some specific, like I saw the pieces that made sense that I cared to highlight real. Yeah, yeah.
Starting point is 01:12:32 And, but I did watch the Apple AI MLX, MLX. Yeah, the MLX presentation of like their entire Apple LLM kit. And they've built an entire infrastructure. Like, like the, anyone that's not into AI, like running, running DeepSeek R1, which is a free open source model provided to us by our friends in China, requires like a supercomputer. Like to run it efficiently, you need like 470 gigabytes of VRAM. So if you were to buy Nvidia chips and Nvidia cards at the time to do that,
Starting point is 01:13:16 like not even the consumer ones like we have in our PCs, but like you'd be like six figures ish close to. Yeah, sure. You can buy a $10,000 US Mac Studio that has 512 gigs of unified memory running at an insanely high memory bandwidth speed of like 871 gig a second. And you can put DeepSeek R1 on there and run it essentially at a functional speed. So for 10 grand, Apple has built hardware that is like, like that M3 Ultra Studio with 512
Starting point is 01:13:49 gigs of memory is built for nobody besides AI people. Right. Like there's nobody else needs five. It doesn't matter what kind of rendering you're doing or anything. Like you don't need that kind of V-RAM. You haven't seen these liquid glass textures yet, Scott. That's true. We all need an M3 Studio to run our OS.
Starting point is 01:14:09 No, I take your point though. Yeah. But anyway, the MLX, the Apple AI stuff is actually pretty cool. And they're actually doing some pretty cool stuff. And they're exposing a lot of abilities to make it really easy for people to like, fine-tune models. So like low-rank adapters, create low-rank adapters, which if you don't know what that is, is like a custom-trained model that gets attached to the other model to change some of the weightings. Take DeepSeek R1 and feed it like 10,000 examples of our customer service tickets.
Starting point is 01:14:45 Sure. And it'll create a little adapter, a little model augmentation that we glue to the R1. And then all of a sudden we have this like customer service model that's been custom-trained to deal with our customer service. And they're really starting to build for that future where enterprises are looking to internally leverage AI, I think more so than, you know, you're seeing with the Googles and the OpenAIs where they're building to service the market, the generalist market, rather than building siloed custom solutions internally, which I think Apple's kind of isolated off and
Starting point is 01:15:21 said this could be a big thing. And I kind of agree with them. Yeah, I mean, they're in an interesting position. Like Google's operating system is a web browser. Like they're just, they go after like they do developer conferences and they have platforms and hey, maybe AR will be the future. I don't know. X. Fs.R. Jordan. My apologies. My apologies. But it's just a fundamentally different company.
Starting point is 01:15:43 Like their hardware. Like what is their hardware for developers? Like it's just not this. They're not analogous to one another, which is what makes the fact that they're in some ways a head so fascinating, but it does speak to what Apple could kind of rush in from the rear on, which is that kind of stuff. Totally. And again, like the couple of things I want to talk about there.
Starting point is 01:16:06 But the first is change takes time, especially the bigger in organization, right? Like if you're a one person shop, if you're an independent consultant, a small business, it's just one person. You can change and you can pivot quickly. if you're a 60,000 person logistics company, like the chains. Big ships move slowly. Exactly. And so it's like there's going to be two different models working there and they're going to be competing a bit.
Starting point is 01:16:33 Like you're seeing that with like AI startups. Like there's so many of them coming online so fast. A, because AI is facilitating their development, their research, their planning, their everything. You can just move at a pace that's unprecedented as a small team. Next, it's like big, big companies
Starting point is 01:16:55 are just looking at marginal gains, marginal shifts. Like if you're delivering natural gas to the households of North America to keep their houses warm in the winter, it's like, you know, you can't move as quick because of safety, security,
Starting point is 01:17:09 risk liability, et cetera, et cetera. So it's like, yeah, it's going to be a fascinating decade. Like by 2030, it's going to be fascinating. The second thing I want to talk about there was how badly I want a pair of AR glasses or XR glasses.
Starting point is 01:17:23 Really? You're in. I'm in. Do you want the, now to clarify XR as in the current generation of functionally VR glasses with pass through a video or do you want to go over to the other side, which is the glasses with the teeny tiny non-mapped hood? Like which side of that do you think is useful in 2025? I'm talking the Google XR prototypes that they've been demoing at their AI.
Starting point is 01:17:47 conventions. And they are essentially Meta Ray-Bans, but with screens in your eyes. They are there literally the contact lenses from my dystopian graphic. They have cameras. They have microphones. We should clarify about that because we got an email unpublished because I think some people went looking for that. Oh really? Yeah. Unpublished. I just wrote it as a hobby as like a probably project. I should publish it now. But the um, it would be maybe a little too real to publish now. The, um, Anyway, they have microphones. They have cameras. They have everything.
Starting point is 01:18:24 Like, if you haven't seen the demo of them, you should watch it. Like, somebody wearing them will, like, look at a bookcase and be like, like, just briefly glance their eyes past a bookcase. And then be like, hey, Gemini, do I have a book on, you know, UI design? And they'll be like, yeah, it's the third book on the second shelf. Yeah. It's like, yeah. It reminded me, I saw that tech demo. it's very similar to the Orion AR tech demo that Facebook did
Starting point is 01:18:51 eight or nine months ago, whereas you managed to get actual heads up, a heads up display tracked into a pair of what kind of look like normal glasses, chunky, but like a pair of glasses with a heads up display mapping real world content, mapping content into the real world. And, you know, pick your poison a little bit, but I'm sure more likely to use one created by Google
Starting point is 01:19:18 and more likely I would say to get value from the software provided by Google. That's just my personal experience. I'm not a big meta product person. I don't love having it in my pocket. I'm very disinclined to put it on my face. And for however much that's still... And for however much that's still true about Google, it is, I would say, just for me personally, less true.
Starting point is 01:19:40 Like I'm more likely to want to pop a pair of those on. Yeah, I'm intrigued by that. I'm curious when that's going to get to consumers. Because I've heard that while, that that's a mass production issue. It's like, yes, we can do it. We can make 11 of these. And they're incredible. And it's like, amazing. Can you make 7,000? They're like, no. It's like, okay, we'll come back when you can do that because I'll give you money. Like, I would genuinely like a pair of cool glasses that can talk to me and see the world. That sounds kind of neat. As somebody who like the first iPad, I remember like Steve Jobs.
Starting point is 01:20:15 You know, his classic speech sitting on stage and he's like, it's really powerful to hold the power of the internet in your hands. I can't remember his exact words, but he was like, this is like a, it feels monumental. And I feel like glasses like that, if built very well, functioning very well, will feel like that. It will be like, oh, my God. Like, I am, the technology and life are interwoven now rather than like two separate silos. I go use technology in my life, but now they're together. And that's going to be a cool thing. It might be scary and it might lead us to seeing ads on literally everything.
Starting point is 01:20:59 Sure. Which is another thing cool to talk about. I know we should probably wrap this up because we're just like shooting it now. But there's been a lot of conversations about what a post-Google search world looks like for advertising. Sure. Like if Perplexity, Gemini, I'm just literally looking at all of the bookmarks on my Gemini, OpenAI, Grok, Claude, Perplexity are all feeding me the answers.
Starting point is 01:21:31 I'm never going to web pages to find them. And Google searches, like so much of Google's revenue is associated to their ad side. And like what does the world look like when it's not serving those ads anymore? there's no value to them. Nobody's looking at those ads. And I would agree. And I'd say it brings up an even larger question of like, well, ads are the financial engine of the internet. And you could just scale that question up like, well, what even really happens to the internet at that point? Like for the last 15 years, we've been living in an economic situation where Google makes, and I'm going to round some numbers here, a buck for every
Starting point is 01:22:09 penny that Condé Nast or the New York Times or any one of the actual creators of this content tend to make off of advertising. They monetized the new internet, which is now the old internet better than anybody else and they became one of the largest companies on the planet as a result. If you were no longer driving any traffic anywhere and you're just querying information from a database that was previously barely financially viable due to advertising and there's now no eyeballs to see the advertising, what is the economic model that makes any of the content produced on the internet viable? That to me is completely unclear. If you were in the text business, I'm like, oh, I just don't know how that's going to work for you.
Starting point is 01:22:53 It barely works now. This won't improve that at all. My gut response to that is, and there's an interesting, I heard this on a podcast the other day, and they were talking about how AI is creating two types of people, hyper consumers of content and hyper producers of content. Right. And I think that's just, that's only going to get bigger and bigger as, I'm trying to figure out the nice way to say this, crossing my fingers and hoping that AI leads to a life where we're not as busy, for lack of better words, where like we see economic efficiency growth substantially, while not requiring human output to go up in equivalency. That makes sense. Like, you know, so much, and I talk about this somewhere that will become public at some point. The technological revolution obviously grew us, grew our economic efficiency as it facilitated us to work better, faster, and harder.
Starting point is 01:23:55 But it came at the cost of like me having a pager, a Blackberry, an email. There's an expectation that every time something gets done, I get a message, I get a notification, I have to respond to it. I'm hoping that AI is the disconnect for that, where now all of a sudden it's like we can grow our economic efficiency, but we can steal a bit more of our life back. I can disconnect and still be a productive member of society, et cetera, et cetera. So I forgot where I was going with this. Yeah, we were talking about the scale of production of the information of the system versus the consumption of them. So what do people do in their spare time? They consume or produce content.
Starting point is 01:24:37 And it's like, I think that the monetization of content is only going to get bigger and bigger. My worry is that when it's commodified, like literally a commodity at the scale that it's at, it's like, what were the deals that Reddit did? And I'm just thinking of like an individual creator could theoretically make enough money to live by putting ads on a really popular blog. Sure. Reddit can command a deal for Anthropic or perplexity or any of these companies, but they need to be producing like, like what, like three million tokens of AI parsimilar?
Starting point is 01:25:07 information a day. Like it's like, no, it's literally a commodity. Think of bales. Think of giant shipping containers worth of human output. That's what's valuable to these systems. Unless right now, unless we start going like, no, if you have the actual answer to a human query, that's valued in a different way. That's not, we're not the little bit of language that we're using to feed into the system.
Starting point is 01:25:32 It's like, no, you can't monetize that the same way as that. Or no one will produce. those answers and the internet will stop being useful. It'll have to start making stuff up. You need to find a way to make the answer creation process monetizable on the internet or you won't have answers. Yes. But I guess to route back, I think that you're going to see, like just to speak to the content that I'm talking about, like hyperproduction of content is like people like let's talk more about the Spotify deal with Joe Rogan. Sure.
Starting point is 01:26:08 Like, I think we're going to see more of that stuff. Big influencers, big content creators. Sure. People. A different kind of content and a different relationship to it. And the monetization of that is going to be, I think, maybe one of the big byproducts of that. So it's like figuring out how to put ads and content and product in front of people who are consuming content. And I think that that's, I think truthfully, and it's going to sound weird and dystopian.
Starting point is 01:26:35 But like the Twitches of the world, the YouTubes, like those are the things that are going to get more and more valuable. As humans have less to do
Starting point is 01:26:46 due to AI, they will consume more because idle hands are the devil's playground. I think you're getting to the, maybe the heart of it, which is that like,
Starting point is 01:26:57 how many websites haven't I clicked on because the Google automated response was serviceable? Probably quite a few. Just human nature. The answer is right there.
Starting point is 01:27:07 I read it. I don't need to continue on. How many songs written by AI have I listened to on Spotify? None. How many books written by AI have I read recreationally? A book takes six hours to read? None. Information as a commodity is the value of that will be driven down,
Starting point is 01:27:26 but the value of authorship and our relation to authors, creators, video, audio, whatever it is. Perspective, country. That remains valuable. The economics of how it will be created. will change and the labor behind that will change. But as of right now, the thing I keep coming back to when it's like humans will need to do truly nothing, there's nothing can't do better.
Starting point is 01:27:48 It's like, what's your favorite song written by one? Yeah. Because I can list 50 songs that have like matter to me so much and not one of them was written by AI. And I would guess that that list will remain entirely human authored because that's what's valuable about it is my relationship to the author. Totally. I think that AI can't do.
Starting point is 01:28:07 doesn't understand human emotion. I think it understands it from a clinical perspective. But yeah, but it doesn't understand it. So it will never have that same connection. But the thing is for me is that the, like we're already living in a world where major influencers are essentially full grade A celebrities. Like it used to be micro celebrity.
Starting point is 01:28:33 We joked about it for decades. It's like, oh, yeah. It's macro. And now it's full-blown macro. If you're a top 10 streamer, like other celebrities want to meet you. And things like, you know what I'm saying? Yeah, yeah, yeah. They want to come on the stream.
Starting point is 01:28:48 They want to come on the pod. They want to come on the show. So my perspective is that like entertainment is going to become the new platform for marketing. And it's always been a platform for marketing. But I think that it's going to become the biggest platform for marketing. I'm curious what people are going to feel about the 30 minute appended. Because we've tried doing chatty chat episodes. We've done very structured stuff.
Starting point is 01:29:11 This had like a story, then another story, and then what I thought was going to be five minutes of talking about dub, dub. And you just got like another pod added to the end. So I'm curious. I hope y'all like it. It was quite fun to do. We used to make this thing called,
Starting point is 01:29:26 well, we used to make this thing called hacked after dark. And this essentially felt like a hacked after dark because it's like, Jordan and I usually sit on these calls after we make the episode and before we make the episode and talk about this stuff. So maybe we just leave the mics on and the cameras on. Honestly, if you like this, let us know. Because we could just keep doing this and keep all the chatty chat
Starting point is 01:29:48 as like a nice little vestigial thing hanging off the end of the episode, which was, of course, brought to you by Push Security. Absolutely. As always. Very fun. I think without any further ado, we'll catch you in the next one. Take care.
