Hacked - Summer Retrospective 2022
Episode Date: October 1, 2022In which Scott returns from vacation right as Jordan is leaving, and they talk about the episodes Scott missed over the summer. New listener? Definitely don't start with this one. Learn more about you...r ad choices. Visit podcastchoices.com/adchoices
Transcript
Discussion (0)
So first things first.
What do we call this thing?
I don't know.
The summer retrospective.
The, hey, we made it.
The, I don't know, this could have any number of names.
The Scott's Back from Summer Vacation Tacular.
Oh, the post-COVID finally got out of my house.
Spectacular.
Yes.
2022.
2022.
Colon.
If you've never listened to Hacked, don't start with this one.
Yeah, definitely.
Maybe not the best episode to get your feet wet on
is this is going to be pretty much just for the people that listen to the show.
And I've been here for a while.
The sweatily making excuses for why we don't have an episode,
Stravaganza.
Let's talk about the fact that I went away.
Let's talk about the fact that you went away.
Let's talk about the episodes that you missed while you were gone.
Great idea.
Yeah.
Let's make a filler.
the vacation sandwich episode
where you were on vacation,
I'm about to go on vacation.
If you haven't tuned out yet,
you probably will.
How was your trip, dude?
Trip was good.
Trip was good.
Had a friend's wedding.
Had to go to an Italy.
Also did some family time in Greece
and squeaked into Portugal
and got a couple weeks on the way of surfing.
So all in all, it was what did.
needed to be.
Sounds awesome.
Question.
Yeah.
Did you commit any cyber crimes while you were going?
Because that would solve this whole situation.
We can skip this whole plan and just talk about the cyber crimes that you did abroad.
Probably.
Like if we really break it down.
Sure.
The barrier at which people think you've committed a cyber crime has gotten so low as we've covered in previous episodes.
I know people like viewing source on websites.
Yeah.
Then, yeah, I probably definitely committed at least at least a dozen Zyra Grimes at some point.
Yeah, you're now on the most wanted list of, say, I don't know, the Greek government or something.
Exactly.
You'd source code on a site you weren't supposed to.
Exactly.
Or, like, you know, borrowed somebody's Wi-Fi or, you know, maybe changed my Mac address to get access to a paid Wi-Fi or something like that.
But who would do that?
Yeah, you connected.
You sat down in a Starbucks and now Interpol does want to have a word with you.
Exactly. I will say, to all of our European listeners, at least any of the ones in Italy and Portugal,
your guys' Internet is spectacularly bad compared to what we expect in North America.
Called out.
Maybe it's just where I was staying and where we were, but it's like, I hadn't seen Internet speeds like that since, like, the early 2000s.
Sort of a dial-up energy?
We're talking like 750KBPS, not MbPS uploads and like 15 MbPS downloads.
And it's like, you know, I'm sad that I don't have fiber so that I can't have a thousand by a thousand.
It's like they don't have it in my community yet.
I'm hoping that it comes.
But it's like I don't, I don't like I did some ping tests and stuff and I was getting like 273 ping.
And I'm like, wow.
And like, I was hard-lined in for some of that.
Hmm.
So, anyway, that was probably the biggest shocker, was just the, the difference in expectation
and standards that we have, it seems, in North America.
Like, I know most of our colleagues in the States and stuff have fiber, Google fiber,
and giggy, giggy, you know, connections.
And, you know, Canada is just getting that stuff.
And it seemed like, I'm sure parts of Europe, I can imagine Germany and maybe Switzerland
have it, but.
Italy sure did not.
This is according to www.thelocal.it.
Foreigners rank Italy worst in Europe for internet and paying without cash.
Italy ranked 57th out of 68 countries around the world when foreign residents were asked to rate the ease of accessing high-speed internet.
You're not alone.
Wow.
I will say, and maybe this is just, I don't know when that article's from, but paying without cash,
like the iPhone tap and Android pay is accepted pretty much everywhere now. It was amazing. Like I don't even think I pulled my wallet out of my pocket for like the entire trip. Like only for a few things. But they accept phone tap but like everywhere. Greece, Italy, Portugal. I feel like we finally crossed that line. Because I remember even a few years ago I'd be traveling down to the States and it still felt like it was your sign in a bill down there, which with all due respect, I feel like. I feel like. I feel like.
very old-timy when you get used to tap.
Oh, for sure.
And now everyone's kind of caught up a little bit.
Like, now it's just, they skipped the chip and pin, and we're all on tap now, which
feels like exactly how it should be.
Yeah.
It's, I'm sure the hackability and the risks are abound with it, but at the same time, it sure
is convenient.
So isn't that the truth of all cybersecurity is that convenience creates risk?
Speaking of, I think our plan for this bad boy,
so we're going to talk about the episodes that you missed while you were gone.
We're going to talk about some stories that we didn't get to talk about while you were gone.
We're going to talk about some upcoming episodes.
Let's go.
And I kind of want to do it out of order because there was one in particular that I was really excited to chat with you about.
It's an episode we did about a month ago.
And it concerns a gentleman by the name of Joe Grant.
and $2 million in missing cryptocurrency.
Yeah, yeah, the treasure hunt.
Listen to this episode.
Fantastic job.
Thank you.
I appreciate that.
I did, I will say that I was reading through some of the reviews,
the recent reviews on the show.
Thank you for all the great reviews.
But one was from a user called Dr. 101 who asked where I was.
So I'm apologizing personally to you.
I was on vacation.
You know, it's been a long couple years, felt like I had to get away.
But I'm going to try and give some input onto the...
these episodes to bring it back around.
Yeah, the treasure home was great.
Honestly, super sad that I missed it because, like,
I feel like Joe and I are probably from the same era of hackers.
Like, we kind of, we probably rubbed shoulders in IRC channels at some point back in the day.
And, like, the loft guys and the cult of the dead cow guys and all those guys kind of were
floating around.
And when I was a teenager kind of coming up through, through cyber security.
and there were people that I looked up to.
So kind of sad I missed it, but it was a great episode.
You know, very cool story, very cool, very cool solution to kind of bypass it and hack it.
So I thought it was great.
We talk a lot about the loft in that episode.
Question, what's the cult of the dead cow, though?
Cult of the Dead Cow was like a, I don't know how they were connected.
Maybe Loft came out of Call to the Dead Cow.
I'm sure Joe would have a much better answer for this or if I spent one minute Wikipedia and I'm sure I'd get it.
But called to the Dead Cow kind of created some of the first notorious script kitty malware.
They created back orifice and back orifice 2K.
And they were kind of like, I mentioned them in earlier episodes before,
but they were kind of things you'd sent to your friend or have run on a computer and they wouldn't show up as being on that computer.
But then you had complete access to that computer remotely.
Oh, wow.
Open the, like, the CD drive, and you could, like, just mess with people.
Like, it was never really super malicious.
It might have had a key log in it now that I think about it.
But it was clearly, like, something built for script kitties to, like, play with.
And, you know, granted, you could take that tool.
And as you guys made reference in the episode, you know, you can use a hammer to build a house,
or you can use a hammer to hurt somebody.
And never get the same with this is back where of it.
This was like a tool to show people what could be done, but also I'm sure you probably could use it for tons of bad.
Yeah, sure.
And here we are, you know, 20 odd years later.
And look what malware has become.
Yeah, it's pretty wild talking with Joe about what they were up to back then.
And even like seeing that footage of them sitting in front of Congress testifying.
And the tone of that is, you know, there's this looming threat.
there's this extraordinary set of new challenges we're going to face because of how we're using computers and what you can do with them.
And yet the threat back then kind of seems really quaint by modern standards when you look at what they were worried about back then and what we're kind of dealing with now.
It's like, oh, wow, we came a really long way from cult of the dead cow and loft and what they were worried about back then.
It's just such a different ecosystem now.
Yeah, well, like, and like he makes reference to this in the interview with like the hacker community.
And people that were interested in cybersecurity were like, I don't know, like classic problem solver puzzle gamers.
Totally.
And like everybody was super open and super nice.
And the community had like little zines and, you know, little hangouts in the internet.
Before we had dark webs, you know, we had RSEs and we had things like that.
And it was just a different, I don't know, just a different place.
And, you know, here we, you know, and also like you think about what Congress was at that time.
You've got a bunch of old rich white people who don't even know what email is because they have administrative assistance for that.
And they don't even probably use computers in like their late 90s.
They were probably, you know, people did all their typing.
It was kind of before the Blackberry revolution of like mobile email and stuff.
So, you know, you've got a bunch of, I don't know, Luddites for lack of better terms that are, are,
just completely afraid of this unknown thing.
And like, you know, look at us now.
You know, that was kind of at the beginning of a certain,
a certain phase of the technological revolution.
And like, look at us now.
Like, there was barely any cybersecurity specialist back then that weren't hackers.
You know, so it's like now there's a whole white hat army, you know,
like all of the intelligence agencies have huge departments.
There's tons of.
subcontractors, some of the biggest stocks.
And on the stock exchanges are like cybersecurity companies, you know, some of our
great advertisers whom we love greatly for supporting the show.
You know, and that's just it.
It's just like the times be different.
The times do be different.
I saw I and I with Joe on a lot just, I think just because truthfully we're from the same,
not I wouldn't say generation.
I think he's a bit older than me, but like we're from the same generation of, of hackers.
Yeah. There's like there's age generations and then there's internet generations. Like how were you active online at the same time? It's like you're kind of part of the same cohort at a certain point.
Yeah, yeah. Like we were probably reading the same things. You know, like we probably, yeah, our lives probably overlapped in many ways back then. You know, it's just a smaller world.
This isn't a side, but I think we've never quite reached the dizzy.
seeing highs of username quality that there were back then because I'm looking at the Wikipedia
for Cult of the Dead Cow and it's nothing but hits.
Everything is just named in such a great way.
Grandmaster Rat, like they all have really great.
Hectavismo, Ninja Strike Force, MindVos, like, they're all great.
I don't know why.
I love how these names sound.
Yeah, well, they were they were called handles back then.
It is true.
It is true.
It was like all, I don't know.
Yeah.
Anyway, I could talk about the good old day.
is forever, but the, uh, yeah, sure.
It was, uh, very cool.
Yeah, very cool episode.
Very cool, uh, project and like a challenge.
I could totally understand why he got baited in.
I'm sure he was compensated for his work.
Let's be honest.
But like, at the same time, like, I, I just could see why you'd be interested in
taking it on, like, uh, you know, hacking into something that's supposed to be unhackable
and kind of a cool hardware hack.
You know, it seems like I'm not really a hardware guy.
I never really have been.
I've dabbled a bit.
never been able to really get my head around all of it too much.
I'm not an electrical engineer.
I'm a computer engineer.
Yeah, the compensation side of it.
We talked about it a little in the episode,
but I found that so fascinating because it is such a,
it's like a quid pro quo thing.
You have a bunch of money locked inside of a box that I can open.
The deal is obvious.
If we get the box open, you give me a cut.
Totally.
And I kind of thought that once I figured out,
that's sort of how this all worked.
my brain goes, oh, so now you're in this endless hunt for the biggest box you can crack open.
Who's got the most crypto locked inside something?
And when I asked him about it, he wasn't interested.
Because it's like, well, I've solved this puzzle.
This other puzzle's kind of different.
Maybe I'll try that.
But at a certain point, he doesn't want to keep solving the same puzzle over and over and over again.
He wants to go make a pizza compass.
He wants some new challenge.
And I really admired that about him.
He wasn't just chasing lost crypto now that he figured out he could make a buck doing it.
he'd solved the puzzle and he was sort of just on to the next thing.
Yeah, I love that.
I love that he's a, he's a puzzle gamer.
Exactly.
You know, bring him an interesting puzzle and he'll play it.
Yeah.
It's like, that's the, that's the OG thesis of hackers, you know, go back to the manifesto back in the day.
Yeah.
He'll never cancel his like New York Times crossword puzzle subscription, but he will turn down
millions of dollars in lost crypto because it's not interesting anymore.
He's already solved that one.
Exactly.
Yeah, exactly.
There's another video.
Again, another thing we didn't get to talk, chat about in that one,
but I thought it was super entertaining.
If anyone hasn't made their way over to his YouTube channel, you got to go.
There was the video we talked about in that episode where they successfully crack a crypto wallet.
But there's this other video.
And he's helping out a guy who, it's not a crypto wallet.
It's an old, I think it's a Samsung smartphone.
And there's a account, like logged in on an app.
I don't remember what the site is Coinbase or one of those.
And it's trying to bypass the security of a smartphone.
That's the challenge of this video.
And it is one of the most, I don't want to give away how it ends.
It is one of the most intense emotional roller coasters I think I've ever gone through on YouTube.
It is an absolutely wild ride, man.
You have to give it a watch.
Yeah, yeah, yeah.
Send me the link.
I'll definitely watch that.
His whole attitude, you know, about, you know, hacking for good and, you know, innovation and elevation and thoughts and kind of growth and the positive outweighing the negative, you know, I think, I don't know, something about that resonates with me and I hope it resonates with you and I hope it resonates with this channel.
So the, speaking of a podcast, I left you here alone to make all of them aside from, you know, our advertising agency and all the jobs we have to do.
So the, uh, sure.
Eric's episode is a bit more about advertising.
It really is.
The internet hitman are a real thing.
Yeah.
Yeah, very sad end of the episode.
Yeah.
Didn't, didn't, didn't, not that I didn't love the episode, but didn't feel great after.
Yeah, you and me both, man.
There's like a longer version of that ending that is, you can kind of just hear me getting sadder.
And you can already hear me getting a little bit.
sad in that episode.
I was like, I got to cut some of this out.
This is like a weird, this is too personal.
But it did bum me out.
The audible depression.
Totally.
I was like, I don't got to.
Coming through.
I don't got to pass this on to the listeners.
They get a little bit and get a little hint, some sprinkles, some sadness sprinkles.
But it's a bummer ending to a really interesting story.
Because like I talk about it in that one, and maybe you, maybe you would have called this
earlier, but I learned about the dark web. I learned you could buy illegal stuff on there.
And like I say in the episode, I know some of that is real. I know you can buy some illegal
stuff. So I assumed all of it was real. Yeah. And it turns out it's not. That doesn't surprise
me at all. Like the whole idea of like, you just got conned. What are you going to do about it?
It's like, yeah, yeah, that's brilliant. It's like, yeah, I guess I'm not going to like go to the
police and be like this person took $30,000 of my money and didn't kill my wife. What a jerk.
Can you arrest him? The thing I want to talk about this episode, which is something that you
literally mentioned once is that all of the details for this came out on a hack. Yeah. And I want more
details on the hack. I know. I know you probably don't have them, but it's like, I know. Was he targeted?
Was it people that were maliciously after him? Or was it just a random,
Bit Locker that they stole the files.
Like, you know, where does the, I'd love to know,
I'd love to know the details of the hack,
because I feel like the hack couldn't be,
I feel like it's too coincidental to just have happened.
Maybe it did, but I don't know.
It feels like maybe it was some cyber bandits coming to the rescue
of this professional hitman group,
or coming to rescue the world from this professional hitman group.
Well, the hack was so interesting because a lot of the same,
a lot of the same users and stuff that were commenting on Eileen's stories
when she started posting new stories about the base of mafia hack,
a lot of those same accounts were coming out saying,
oh, well, this hack isn't real, this is a fake hack,
this is an attack on base of mafia,
this isn't trying to sort of brush it aside a little bit,
which would make a lot of sense if the hack was real.
the question of who would target a fake Albanian organized crime syndicate
another fake organized crime syndicate?
Like is it the competition?
Is it debunkers?
Maybe not even another fake syndicate.
Maybe a real syndicate.
We actually do this for a living.
I get out of our space.
You're stealing our business.
Well, then there's the prickly third option,
which is that at about that point in the story,
I don't bring this up in the episode,
we kind of cruise over this as a,
it would have been distracting.
Bonus content.
But since we're talking about it,
a thing that occurred to me is that at roughly the time,
when that hack came out,
lined up pretty well with when there was an influx of new internet,
like,
yeah, internet researchers starting to read into the base of mafia story.
And a whole bunch of,
of very computer security savvy folks starting to look into something lining up with the moment
when there was a giant document leak feels relevant to me.
Can't really go any further than that, but it feels like pretty good timing.
So we could just say that the positive bite out weigh the negative on that one?
Yeah, I would say so too.
Oh, interesting.
As people to grift on the internet goes, you couldn't pick a better group of people.
Like as victims go, there aren't fewer sympathetic victims.
No kidding.
Yeah, interesting.
Yeah, I would, you know what's funny is that when I was listening to the episode,
I had the same inclination that it seemed too convenient to be, to be coincidence.
Yeah.
It almost certainly isn't.
But it's one of those things in a story where you're like, well, do I take a seven-minute
detour to unpack the genesis of this hack that turns the story, or do we just sort of accept
that it happened and pave forward? But you do miss it. You want to know, like, where did this big
data dump come from? Who's out there hacking the base of mafia? Because that's probably a pretty
interesting story, too. So I guess if anyone out there listening knows anything about that,
please do get in touch.
Well, I think, like the last episode that I did before I went on vacation,
we talked about private investigators,
you know, the new era of digital private investigators,
and I feel like this fits the mold.
The army of internet con people is growing at a severe rate, too,
so I'm not sure if this is going to slow down or speed up.
As long as those stories keep coming,
we'll keep telling them.
Keep making a show.
Speaking of the stories,
there was one thing in the Treasure Hunt episode,
you may mention of,
it made me laugh.
You said something along the lines of like,
well,
there's many famous stories
of people losing money in crypto.
And you were talking about them losing
their like USB key,
but to me it also played as like,
you know,
people just losing boatloads of money in cryptocurrency.
And I was like,
well,
this is accurate.
And I was like,
and then I started thinking,
I was,
yeah,
there's a lot of ways,
you can read that.
I started thinking and I was like,
we could probably make another podcast that is a weekly
that just talks about an active
crypto grift or crypto hack or like there's so much
negative energy going into and coming out of the crypto space.
It seems like it's just insane.
Like if you just Google crypto hack,
you get like top 10 hacks of 2020.
You know, $2.4 billion.
have been stolen this year.
And like you just get so much.
Like it seems like every time I open the news, it's like some crypto con or hack has been
busted.
And it's like, wow.
I remember a couple months ago, I was like trying to dig around for a story for the show.
And I was like, oh, let's do one of these crypto hacks.
There wasn't that much meat on the bones.
I was like, oh, let's do all the crypto hacks that have happened since the last episode.
And I like swung past having too much content.
I went from not having enough in the one story being like,
like this is just silly.
Yeah.
Like, does each one of these things get 60 seconds?
That's not very, that's not very fun to listen to.
Yeah.
I don't even know what to say about them.
It's like, yeah, it's just the ecosystem is rife with fraud is kind of an unsatisfying
conclusion to a story.
Well, and like we're recording this on the 27, 28th.
And that Doe Kwan, the Terra Luna coin guide.
Just got like red noticed by the, yeah.
Anyway, like big, big crazy stuff going on.
Like Salana, I think this summer got like, people were just stealing wallets full of crypto.
Anyway, it's like an endless, an endless field of, I don't even know how to wrap that up.
I think you just did.
It's an endless, it's an endless field and then you just sort of trail off as the ad music.
ramps in underneath you.
Think about the last time you heard a breach story on this show.
It always starts the same way.
Someone somewhere saw something too late.
An alert buried, a signal missed, an SOC that just couldn't keep up.
Arctic Wolf set out to solve that problem by rebuilding security operations from the ground
up for a world where attackers are already using AI.
They created the Aurora superintelligence platform, a fully agentic system powered by the swarm of
experts. Instead of single-purpose bots or lucky-guess LLMs, this swarm is full of deterministic
agents that handle whole entire workflows. Humans stay in the loop and on the loop to validate
the critical decisions and keep everything trustworthy, and all of this is just off-running on
their secure operations graph. A constantly updating intelligence engine fueled by more than
nine trillion telemetry events every week and over a decade of real-world incident response.
The system reasons on real signals and real context, not synthetic training data.
The result is the new Aurora Agent SOC.
It's the first SOC that is agent led by design.
You get agents that coordinate, agents that investigate, agents that respond at machine speed,
and hundreds more that automate the repetitive work that normally buries human analysts.
Arctic Wolf didn't try and bolt AI onto an old model.
They rebuilt the model entirely.
What makes it even more effective is how it works with Arctic Wolf's concierge experience.
The team brings customer-specific context directly into the platform so every AI-driven decision
reflects your environment instead of generic assumptions.
The automation frees your concierge security team to focus on higher value strategy and
proactive risk reductions while the agents handle the grind.
If you want to see what trustworthy, production-ready AI and security operations actually looks
like, go to arcticwolf.com slash hacked.
Never feel like cyber threats are evolving faster than anyone can keep up?
Last year, 2025 was nothing short of a record-breaking year for major breaches from sophisticated,
Ransomware operators to AI-enabled attacks that turn defenses on their head.
Organizations around the world saw headlines they never expected and cybersecurity teams were tested
like never before. But here's the thing. These incidents aren't just news headlines. They're learning
opportunities. And that's why Arctic Wolf is hosting a live webinar on February 5th, diving
to the most impactful breaches of 2025. Their field CTO and security leaders are going to unpack
not just what happened, but why these attacks succeeded. And most importantly, what businesses can do to
fortify their defenses for it's too late. You're going to walk away with real insights
and how threat actors are evolving, how defenders are responding, and what strategies can help
you stay ahead of the next big breach. It's not fearmongering. It's practical, actionable,
intelligence from experts in the trenches. Register now at arcticwolf.com slash hacked.
Oh, you know we should do. Hit me. We should talk a bit about the show and what's happened
with the show. Where we're at with the show? Where we're, where we're, where we're, we're,
some of the successes the show is seen,
some of the beautiful patrons
that have been with us for a long time.
Let's brag about those people.
That's true.
Like Jimmy,
who's been with us since November 6th, 2020.
Oh, Jimmy.
And is our single largest patron.
So thank you, Jimmy.
And there's some other people who have been with us
since the relaunch,
you know, since our COVID project took form.
Michael, Megan Starchuck, Tim Yao, Sam Puggerney.
A lot of these people were patrons in the first couple days of the show re-launching.
And that means a lot.
Yeah, it really does.
There's also a bunch of folks who, I'm not going to speak for you,
I'm bad at Twitter, but we do have a Twitter.
And there's some folks on Twitter who are incredibly generous
in, like, I don't know, just like hyping the show and commenting.
It seems like telling folks about it.
like Torbenstorm Jensen and Darrell Nudson both immediately come to mind.
I know there's others.
But I don't know.
I just,
if we're making space to thank people for supporting Hacked,
thanks to everyone on Twitter who has gone out of their way to share an episode
or to hype it up,
it does not go unnoticed.
Yeah, we went from relaunching the show.
We still had our old episodes up and they were still getting listens,
you know, apparently they were good enough to listen to.
But today, and we're, you know, we crossed the million download mark a while back.
Yep.
And I think we're trending probably going to be closer to two million downloads a year.
So the show is really grown.
And, you know, again, we can't be more appreciative of all your support and your positive reviews and comments and downloads and all that stuff.
It really helps the show.
It helps Jordan and I, you know, get up in the morning.
do you have our chartable up?
Oh, how are we doing?
I know we've been hanging out in the Spotify Tech top 20 for the last little while,
which makes me very happy.
In the USA, we're 18th, just fell from 17th, in Great Britain, we're 12th.
Australia, we're often top 20, Germany, we're top 30.
you know, Apple Podcasts just this week, we hit 69th in the USA Tech.
I'm queuing you to say nice, but you're not quite getting it.
There you go.
Nice.
Noice.
Noice.
I didn't read the number because it was high.
I read the number because it was noise.
But yeah, we're often, it doesn't.
It doesn't have our current Canadian link, our current listing in Canada's thing, but we're often charting in Canada.
So things are good.
We're charting in most countries that the podcast is in.
So we're happy for the sport and really means a lot.
I know I've said that like three times, but it's the truth.
It does mean a lot.
It does.
Do we want to talk about stories that happened over?
the summer.
We could talk about the GTA 6 leaks.
Oh man.
Okay.
They're cool.
Yeah, that's pretty fun.
And they tie back to one of our episodes.
Yeah.
Can't publish their names.
Can't publish their names.
Because that was about Lapsis.
And they just arrested a 17-year-old who is apparently linked to Lapsis.
Yeah, the police in London, who I believe did the arrests, the original Lapsis arrests that we talked about in that episode,
mid-April this year
in the wake of the Rockstar Games
and UberHack have arrested
another teenager
who is suspected of involvement
in that breach.
That breach has been fascinating for me
hanging out on the internet because it sort of just reveals
how, how I put this,
iffy people's understanding of game development is.
I know you have thoughts and experience with this,
Scott, but just folks saying like, no,
one of the first things you do,
when you develop a game is develop the graphics.
These leaks are how the game will look.
Yes, Jordan.
And you also have experience with video game development,
and you probably know that is BS.
It's certainly a hot take.
It's an interesting take.
I don't know if it was an accurate take.
I feel pretty bad for those rock star devs.
You've been working on what's probably going to be
one of the biggest games of all time.
You're grinding on it.
It's probably going to be sick.
You're working on what's hopeful.
hopefully a magnum opus.
And then like, oh, some teenager in London just comes along and, like, kicks out some development
footage.
That is a bad day at work.
Yeah, but you know what?
It made me excited because I love GTA 5.
I thought it was one of the best games ever.
And when I saw GTA 6, knowing how the, how the sausage is made, I was not worried at all.
So I was like, this looks great.
As long as they retain multiple character control.
like they had in GTA 5.
Yep.
Which I think was, and if you don't know this already,
that is the best thing you did in GTA5.
So please do not get rid of it.
Please put it in every game you ever make.
Because sometimes I just want to fly a guy
into the middle of the ocean and I don't want to swim back.
So I just want to change to another player
and do something else stupid.
I just want to talk.
And let him swim himself back.
So please make sure that there's multiple character control on this one.
It was the rumor,
this is not a gaming podcast.
We should start a gaming podcast.
The rumor is that it's like a Bonnie and Clyde type story
where it's like a couple.
I don't know if that's true.
I don't know if that's going to be what it turns out to be,
but I think that's such a cool evolution of the like trio
that you saw in Grand Theft Auto 5.
I think I'm very excited for that game.
And I'm very...
And just this lapses teenager hack
has only got me more excited.
So wait, we got to talk a bit about...
We got a bit...
No, no.
not moving that
we're staying on Lapsis because
Stay up Lapsis I don't know if you remember that story
But the big thing was it came down to
Okta or Octa or however the fuck you say it
Octa Octa Octa
Octa
You got scolded for that one
Yeah and they were claiming that they had
Lapsis had maybe compromised octa
So the early indicators
I don't know how public these are
are that they got in through
Octa again.
But they didn't come through.
They didn't have backdoor access or anything,
but they were apparently theoretically,
this is just what I've heard,
so this is all hearsay.
So Octa's legal department, please don't call
and threaten to see me.
Speculate wildly, Scott, do it.
I'm speculating wildly from this moment on.
But they were apparently doing like brute,
so I don't know if you've ever used Octa,
but when you log in, it sends you essentially
a verification token to your phone for a single,
or double factor authentication.
And they were apparently like brute forcing people these tokens
until somebody just responded yes.
So kind of like,
so like the,
you were kind of just pounding,
like you just send somebody 12 of these things
and you send 50 people 12 of them
and just hope somebody hits,
yes, that's me,
rather than just ignores it.
So, theoretically, high speculation, what I've heard total hearsay is that's what it was.
Like there's a whole ripdown of Lapsis and Octa and how potentially that was the big connect for them that got them into so much stuff.
And then apparently that's how this hack occurred was through Octa, but not through any kind of escalated permissions or anything like that,
but they actually got through by just figuring out a fault in humans, like buzzing,
every apartment to an apartment building waiting for somebody just to hit open.
They essentially did that.
A technique is the oldest apartment buzzers and implemented it with double-factor authentication.
A technique is old as apartment buzzers.
I've developed a theory since you've been talking about this, and it's rooted in the fact that...
Speculate wildly.
I'm rolling up my sleeves.
People can't see it, but they're rolled up.
Okay. So the city of London police arrested a bunch of teenagers, minors, again. And I feel like this, you got a 17-year-old who's going right back to the same well. He's going to use a similar version of the same hack they did, but this time against two new companies. This feels like getting in another two hacks right under the wire. Like I'm 17 years old. Next year, the fallout of these is going to be so much worse for me. So I'm just going to knock out two more. I know I can do it. I have a way in.
I'm going for it.
I think these are pre-birthday hacks, is my theory.
You are speculating wildly.
I like it.
Because he even did a similar, or they, you know,
whomever did this hack.
They were demanding a ransom, too, were they not?
They were going to leak the footage and the source code and stuff
unless they were paid out,
which is a similar structure to some of those hacks in that episode,
wasn't it?
There was a ransom in the previous episode.
I hadn't read about this one having a ransom, though.
That's fun.
Yeah.
Or like, that's interesting.
Yeah, apparently they were in direct.
Whomever controlled the leak.
Yeah.
Was in direct contact with Rockstar, apparently.
And was like being like, I'm going to leak the game and the game code and all this stuff.
And apparently some of the leaks that we saw were like proof of, proof of action.
Like you didn't pay you don't believe I have it
Then here
Here's a bunch of development footage
Oh this is not to get dark
But in the hostage movie
This is the finger in the box that shows up
To prove that they're not messing around
Kind of thing
Yeah
Too dark
This is just what I've read and heard
Yeah no no
No I like it
It's the truth
That's fascinating
Yeah
And it makes you wonder
These leagues are always so interesting
to me because sometimes it's catastrophic and it can totally debilitate a project and mess
up how you promote the whole thing and kind of destroy something. In other situations,
the leak of a thing before it comes out is part of the promotional activity.
100%. There's a lot of folks have talked about, you know, that iPhone showing up in a bar
a week before the big keynote address, you know, how it ended up there. This sort of convenience
of the timelines. I know that happened recently
with a certain VR headset that shall remain unnamed.
There was a little bit of speculation about the timing behind it.
And you kind of wonder, it's like, oh, I don't get that sense about this.
I buy the premise that this is a hacker
releasing a little bit of footage to prove that they're not messing around
as part of a negotiation.
But they're both fun. Both options are great.
Well, the other thing, too, is like, I don't know, it worked for me.
I got excited that the game was coming.
And, too, I loved that like a ton of other video game studios.
We're like, yeah, you want to see early development footage of that game you love?
Yeah, that was great.
Busted ass horizons.
I can't remember who made control.
Yeah, control.
I saw that one.
That was really cool.
I like that.
That's solidarity being like, no, all of our shit stinks before we're done.
Like none of this looks right until we're finished with it.
I really appreciate that.
Yeah.
If you've ever been, and both of us thankfully have, been a part of releasing a game,
it is a chaotic process and it is things.
Let's just say that when people complain about certain video games and them not working right,
I do the opposite and I celebrate all the things that do work right.
Because when you have massive, massive games and they have like one little glitch in them, it's like, do you understand how big this game is?
Like there's millions of lines of code, millions and millions.
And like one little thing is having a weird interaction.
It's like that's not that like as far as things go.
That's pretty good.
Pretty good.
Like, you know, we're talking Sigma 6 here.
There's one fruit fly in this entire skyscraper.
and he was infested yesterday.
We got rid of all of them,
and there's one left, and you're complaining about it.
Exactly, exactly.
To anybody that listens to the show,
that's a software developer,
especially a video game developer,
I empathize with you.
We see you.
We see you.
You do great work.
I think that's it.
I think that's the summer retrospective filler episode,
2022 vacation sandwich colon looking back on a fun summer episode.
I think that's it.
I think that's the whole thing.
Well, your summer's not over.
You're about to go on vacation.
I am about to go on vacation.
You got a little bit of fun left in this one.
I know I'm going biking this weekend.
I'm going to try and squeeze in some last thing before the snow falls on us.
Got a little bit summer left ahead of us.
But thank you for making it.
To everyone who is still here,
who made it to the end
of our summer tacular
filler episode. Thank you.
It means the world to us.
If by any chance you appreciate
these kind of winged
social style episodes,
let us know on social.
We'll read the tweets. Hopefully we'll like them.
Maybe we'll get back to you. No promises.
But it would mean a lot just to know
whether people made it this far
and whether you liked it or not.
We're always in discussion about
whether we want to start doing a bit more of a conversational, maybe mid-month show,
versus less of the story-structured ones.
And it would be great to get a little bit of feedback from the audience.
So if you guys have any strong thoughts on that,
please feel free to hit us up on Twitter.
Some of the best insights about how to make this thing better
have come from people alternatingly suggesting things we could do
and calling out stuff they don't like it when we do.
So we thrive on feedback.
I think from both of our professional backgrounds.
We really thrive on feedback.
So keep it coming.
Thank you for making it to the end of this bad boy.
And we will catch you in the next very normal episode of HACT.
Whoops.
No, we won't because we're still here to thank our newest patrons on Patreon,
Noosh and Mark Horsfield.
We really do appreciate your support.
That's patreon.com slash hackt.
That's patreon.com slash act.
It's great.
Great way to support the show.
Also, since someone brought it up on, I don't know if it was the comments or Twitter,
I'm not sure, two comments saying we need to start posting, A, a way to get in touch with us
and be where we get the music, because that's a normal thing that podcasts do.
If you want to get in touch with us, you can reach us at get at hackedpodcast.com.
That's the email. That's the way you reach out.
Get at hackedpodcast.com.
I think we have on Facebook.
We do not use it.
Do not send that a message.
And then in terms of the music, that's all us.
All of HACT, including the music you were listening to now,
the music here at the episode, is custom scored by us.
So if you like it, just fire us a message and we can hook you up.
Thanks for listening.
We'll catch you in the next one.