{"podcast":{"title":"Inside Darknet","slug":"inside-darknet-6682885","podcast_index_feed_id":6682885,"rss_url":"https://anchor.fm/s/ecad2d4c/podcast/rss","website_url":"https://guns.lol/insidedarknet","image_url":"https://d3t3ozftmdmh3i.cloudfront.net/staging/podcast_uploaded_nologo/39607723/39607723-1766328381049-d042725a745.jpg","author":"Rat","episode_count":118,"summary":"Der coolste deutsche Cybercrime Podcast über das Darknet, Hacker, Sicherheitslücken und all die Dinge die sich in den illegalen Seiten des Internets abspielen. Neue Folgen erscheinen jeden Samstag, überall, wo es Podcasts gibt. Discord und weitere Links: http://guns.lol/insidedarknet","last_synced_at":null,"page_url":"https://stenobird.com/podcast/inside-darknet-6682885"},"episode":{"title":"97; App Store Malware","slug":"97-app-store-malware","published_at":"2025-12-06T09:50:35+00:00","page_url":"https://stenobird.com/podcast/inside-darknet-6682885/97-app-store-malware","show_page_url":"https://stenobird.com/podcast/inside-darknet-6682885","url":"https://podcasters.spotify.com/pod/show/insidedarknet/episodes/97-App-Store-Malware-e3bvbja","audio_url":"https://traffic.megaphone.fm/APO7622737806.mp3","summary":"A developer demonstrates how easily a malicious 'wrapper' app mimicking ChatGPT was successfully placed in the Microsoft Store to intercept user data. The episode exposes the dangerous illusion of security provided by official app marketplaces.","meta_description":"Learn how a fake OpenAI app in the Microsoft Store secretly logged user inputs, exposing the massive security risks of third-party AI wrappers.","key_points":["Main idea: Official app stores like Microsoft Store lack the rigorous manual review necessary to catch sophisticated data-logging wrappers","Failure mode: Using third-party AI applications creates a 'man-in-the-middle' scenario where all prompts and sensitive data are intercepted by the developer","Practical takeaway: Never input sensitive, corporate, or personal information into any third-party AI tool that you wouldn't send via unencrypted email","Technical insight: Malicious apps can function perfectly as legitimate proxies to the OpenAI API while simultaneously running background data exfiltration","Risk assessment: The value of stolen bulk user data lies in its potential for high-level social engineering and targeted corporate espionage"],"chapters":[{"start_ms":60000,"title":"The Perfect Deception","summary":"A user downloads a familiar-looking AI app from the Microsoft Store, unaware that every keystroke is being intercepted."},{"start_ms":500000,"title":"The Illusion of Store Security","summary":"An exploration of how developers bypass automated checks to place malicious software in official marketplaces."},{"start_ms":590000,"title":"Inside the Fake OpenAI App","summary":"The developer explains how they built a simple API wrapper that looks and acts like ChatGPT while logging user requests."},{"start_ms":770000,"title":"The Mechanics of a Keylogger","summary":"How the app functions as an AI-powered keylogger and the ease of bypassing Microsoft Store's security protocols."},{"start_ms":860000,"title":"The Value of Stolen Data","summary":"A discussion on the monetization of intercepted communication logs and the potential for social engineering attacks."},{"start_ms":1030000,"title":"The Invisible Threat","summary":"Why well-crafted malicious apps are nearly impossible for average users to detect in a crowded marketplace."},{"start_ms":1120000,"title":"Protecting Your Data","summary":"Final advice on avoiding third-party risks and the broader implications of data collection by large-scale AI models."}],"topics":["Cybersecurity","Malware","Microsoft Store","OpenAI","Data Privacy","Social Engineering","Artificial Intelligence","App Security"],"duration_seconds":1218,"processing_state":"processed","actions":[{"name":"request_transcript","method":"POST","url":"https://stenobird.com/v1/public/podcasts/inside-darknet-6682885/episodes/97-app-store-malware/transcription-requests","description":"Idempotently request low-priority transcript generation for this episode."},{"name":"read_markdown","method":"GET","url":"https://stenobird.com/podcast/inside-darknet-6682885/97-app-store-malware.md","description":"Read the agent-friendly Markdown representation of this episode resource."}]}}