Risky Business #820 — Asian Fraud Kingpin Will Face Chinese Justice (Pew Pew!)
Date: January 14, 2026
Host: Patrick Gray
Co-host: Adam Boileau
Sponsor Interview (Airlock Digital): David Cottingham & Daniel Schell
Episode Overview
In the milestone 20th year of Risky Business, Patrick Gray and Adam Boileau dive into a security-heavy news cycle featuring major vulnerabilities, brazen hacks at hacker conferences, global law enforcement drama, and both novel and classic attack techniques. The episode’s main theme orbits the persistence of old vulnerabilities (and old tech), the creative innovation of hackers (both good and bad), and the shifting landscape as AI and geopolitics increasingly frame the security discussion. The show features an in-depth sponsor interview on a stealthy .NET attack vector and a thoughtful discussion on the philosophical place of AI in allowlisting.
Major News and Key Discussion Points
1. MongoDB’s “MongoBleed” Vulnerability (00:50–03:30)
- Key Points:
- "MongoBleed" — a memory leak vulnerability similar to Heartbleed, allowing attackers to pull uninitialized memory from MongoDB, potentially exposing credentials, tokens, and passwords.
- Actively exploited after PoC code was publicly released on Christmas Day.
- Real-world exploitation is somewhat mitigated by the non-deterministic data returned, but widespread compromise is still occurring.
- Notable Quote:
- “You might get credentials, you might get tokens, you might get passwords. And so, yeah, people have been using that.” (Adam, 02:36)
2. Vercel’s Response to React-to-Shell: WAF + Million-Dollar Bug Bounty (03:30–06:39)
- Key Points:
- Vercel’s temporary response to a critical bug: deployed custom WAF rules and simultaneously launched a high-payout bug bounty program ($1M+ paid for WAF bypasses).
- Highlights the effective use of bug bounty talent for real-world WAF hardening.
- "This is a lesson for other big platforms," says Adam.
- Notable Quotes:
- “If you want to find some people who are really good at bypassing WAFs, it’s going to be bug bounty participants.” (Patrick, 05:34)
- “Big ups for Vercel… If you’ve got a million bucks to burn, it’s a good way to burn it.” (Adam, 06:30)
3. Old-School Hacking at 39C3: GPG & Pink Power Ranger Anti-Fascism (06:42–11:25)
- GPG Security Flaws:
- Group of young EU CTF hackers reveal 14 new bugs in GPG, including signature validation and user confusion attacks (e.g., reviving "ANSI bomb"-style attacks from the 90s).
- "90s level bugs" persist in critical open source infrastructure.
- Pink Power Ranger Talk:
- Live, performative takedown of white supremacist web infrastructure during a conference talk.
- Use of AI astroturfing and creative technical/social hacks.
- Considered risky, comedic, and impactful — “This is exactly the sort of talk I want to book.”
- Notable Quotes:
- “ANSI bombs are back and now in GPG… wow.” (Patrick, 08:44)
- “Imagine calling yourselves the master race but forgetting to secure your own website. Maybe try mastering how to host WordPress before world domination.” (Patrick, 11:27)
4. Chinese APTs Exploiting Ancient IronPort Bugs (11:27–13:40)
- Key Points:
- IronPort/Cisco Secure Email Gateway riddled with ancient vulnerabilities.
- Chinese APT groups actively exploiting for government and financial sector espionage.
- General dismay at old, widely deployed tech still being juicy targets.
- Notable Quote:
- “It’s just… depressing seeing ancient, old-school, crappy bugs in software that… is 20 years past its use by date.” (Adam, 12:55)
5. Modern Automation Bugs: n8n & AI Prompt Injections in ServiceNow (14:30–17:30)
- n8n Bug:
- Workflow automation platform (n8n) allows file attachment vulnerabilities that can escalate to credential theft and code execution – same old file handling issues, new platforms.
- Vulnerable due to flexible, customizable workflow design; large potential attack surface.
- ServiceNow Bug:
- Noteworthy for being a high-severity prompt injection exploit via embedded AI, not traditional code flaws.
- Expectation that 2026 will bring many such AI-borne bugs.
6. Asian Fraud Kingpin Extradited to China (17:34–20:32)
- Key Points:
- Chen Xi Zi, Cambodia-based Prince Group head, extradited to China, not the US, to face punishment (likely execution) after running a global scam operation.
- Case intertwines US-China law enforcement, geopolitics, and Southeast Asian corruption.
- Speculated that extradition to China avoids scrutiny of possible Cambodian official involvement.
- Notable Quotes:
- “It’s one of those rare instances where I think someone’s probably sitting there going, ‘Oh, please don’t extradite me to China…’” (Patrick, 18:34)
- “Wheels within wheels with this kind of stuff.” (Adam, 20:22)
7. The Underwriters Labs IoT Labeling Drama (20:52–24:26)
- Key Points:
- Underwriters Labs (UL) leaves the US government’s IoT Cyber Trust Mark program after being accused (by FCC head Brendan Carr and right-wing commentators) of being a tool of the Chinese Communist Party due to Chinese operations.
- Program’s future uncertain; years of development wasted.
- Notable Quotes:
- “They have just gone, you know what? Nope, we’re done with this trash… Best of luck.” (Adam, 22:49)
- “It’s a shame to see years of this work just thrown into the toilet.” (Patrick, 23:39)
8. US Cyber Appointments: NSA and Cyber Command (24:26–25:37)
- Key Points:
- Joshua Rudd, career military (no direct cyber background), tapped to run NSA/Cyber Command.
- Discussion on leadership qualifications and US cyber policy drift.
- Notable Quote:
- “You would think it would be preferable to have someone who at least has some history in the space.” (Patrick, 24:56)
9. European Drug Smuggler Hack — Ports and OT Security (27:45–29:33)
- Key Points:
- Hacker bribes port worker in Belgium, gaining deep access to port systems, facilitating cocaine smuggling.
- Case highlights weak security postures in critical infrastructure.
- Notable Quote:
- “The average computer network at the average port is not particularly secure.” (Patrick, 27:45)
10. Botnets, Android TV Boxes, and Residential Proxy Mayhem (29:33–33:56)
- Key Points:
- Krebs' investigative series on Android TV boxes pre-infected to feed residential proxy networks (and botnets).
- DNS rebinding attacks used to pivot further inside home networks.
- Entire ecosystem of proxy/botnet operators attacking each other.
- Notable Quote:
- “It’s just a horrible, horrible big mess… You feel bad for people who just want to display pictures of their grandkids on a photo frame.” (Adam, 33:05)
11. South Korea’s “Wet MacBook” Forensics (33:58–35:25)
- Key Points:
- After 33.7 million accounts stolen from Coupang, investigators retrieve a key suspect’s submerged MacBook, recover evidence via forensics.
- Fun anecdote on hardware forensics resilience.
- Notable Quote:
- “If anything, it says nice things about Apple engineering.” (Adam, 34:46)
12. Security Pros Turn Criminal: Ransomware Negotiators Plead Guilty (35:25–37:02)
- Key Points:
- Two US security professionals plead guilty to running a ransomware extortion scheme on the side; face up to 20 years.
- Notable Quote:
- “What are you doing? I guess you’re going to jail is what you’re doing.” (Adam, 36:51)
13. Global Healthcare Data Breaches — New Zealand Case (37:08–40:30)
- Key Points:
- Several high-profile healthcare breaches in US, UK, and New Zealand.
- NZ’s "Manage My Health" hack (affecting 1.8 million) prompts lowball ransom ($60,000) — attacker openly speaks to media.
- Criticism of local journalists engaging with the attacker as if they were a legitimate businessperson.
- Notable Quote:
- “The quality of the reporting has not been fantastic. So boo to them.” (Adam, 40:30)
Sponsor Interview: Airlock Digital — ClickOnce Abuse, Code Reflection, and AI in Allowlisting
Starts: 42:23
Ends: 58:20
ClickOnce and .NET Assembly Reflection Attacks (43:32–51:30)
- Presenters: David Cottingham (CEO), Daniel Schell (CTO)
- Key Points:
- ClickOnce: Microsoft app deployment mechanism, rarely seen in legitimate practice but increasingly used in attacks, especially against financial services.
- Attackers chain ClickOnce with code reflection (.NET assembly injection) to allow legitimate, signed, SmartScreen-approved apps to download and execute malicious code at runtime, evading detection.
- Malicious payload generally loaded via XML config, leveraging legitimate binaries as loaders.
- Airlock’s allowlisting approach (denying-by-default, monitoring .NET reflection loading) proved effective at blocking this class of attack before it was widely known.
- Notable Quotes:
- “You have a legitimate signed application… and then there’s this config file giving it instructions that's not going to be detected as malicious...” (David Cottingham, 45:06)
- “My answer is I don't care. We default prevented this type of tradecraft.” (Daniel Schell, 48:55)
- “Any .NET assembly… can become a loader stager launcher for malware.” (Daniel Schell, 48:12)
- “There's very little visibility, and… because this is all happening within the application itself, there's nothing to hook.” (Daniel Schell, 49:48)
AI for Allowlisting: Philosophy vs. Hype (51:30–57:33)
- Key Points:
- Airlock is cautious about giving AI "full control" over allowlisting because its security model is based on human-in-the-loop trust/context, not just code analysis.
- AI can help by surfacing context and suggestions for the operator, making decision-making faster, but total automation risks “reverse EDR” and loss of real trust boundaries.
- Blackbox AI trust scoring can obscure decision origins, eroding allowlisting’s effectiveness and auditability.
- Notable Quotes:
- “The whole point of Allowlisting is that you do have that human control, you do have that human context.” (Patrick Gray, 42:29)
- “We're fairly principled in making sure that the customer is in complete control… because that provides ultimately the best security outcome.” (David Cottingham, 55:26)
- “If you've got this thing that's making decisions for you on your behalf, then… it can kind of get [unwieldy].” (David Cottingham, 56:26)
Memorable Moments and Standout Quotes
- Old Man Yells at Cloud:
- “Old man yells AT Cloud.” (Patrick, 03:29)
- On Internet of Things Security:
- “Pre-installed botnets on everything.” (Adam, 23:13)
- On Botnet-Proxy Operator Mayhem:
- “It's just a horrible, horrible big mess… An ouroboros of fail…” (Adam, 33:05)
- On Lowball Ransomware in Small Markets:
- “It’s a sign of the scale of New Zealand that the money they're demanding is $60,000…” (Patrick, 38:21)
Timestamps for Important Segments
- [00:50–03:30]: MongoBleed vulnerability explained and contextualized
- [04:06–06:39]: Vercel/React-to-Shell response with $1M+ WAF bug bounty
- [07:04–08:54]: GPG bugs from Chaos Communications Congress
- [09:41–11:25]: On-stage hacking against Nazi websites at 39C3
- [11:27–13:40]: Chinese APTs exploiting IronPort
- [14:30–16:30]: n8n automation platform bug overview
- [16:38–17:30]: ServiceNow prompt injection bug — the start of the AI exploit wave
- [17:34–20:32]: Fraud kingpin extradited to China — geopolitics and scam empires
- [20:52–24:26]: Underwriters Labs exit US IoT Trust Mark program — regulatory drama
- [27:45–29:33]: Belgian port hacker enables coke smuggling
- [29:33–33:56]: Krebs’ reporting: Android TV box botnets, DNS rebinding, proxy operator wars
- [33:58–35:25]: South Korea’s “wet MacBook Air” forensics
- [37:08–40:30]: Healthcare data breaches round-up — New Zealand ransom story in detail
- [42:23–57:33]: Sponsor Interview: Airlock Digital — ClickOnce abuse, code reflection, and the AI debate in allowlisting
Tone and Style
The episode maintains the Risky Business signature: brisk, irreverent, sometimes curmudgeonly, and deeply informed. Patrick and Adam balance technical insight with world-weary (and sometimes darkly funny) commentary about the security industry’s state, government and regulatory failures, and hacker culture. The sponsor interview is genuinely technical, immediately relevant, and sharp, aligning with the "no waffle" ethos.
Final Thoughts
- The security industry in 2026 is still haunted by decade-old designs and code, even as AI introduces new, subtle exploit classes.
- Fresh, creative attacks frequently combine old and new in unexpected ways — a theme that ran through both news and the sponsor interview.
- Geopolitics, from China’s handling of cyber criminals to US regulatory self-sabotage, is increasingly inseparable from the security landscape.
- The “human context” argument for security decisions versus AI is still very much alive, at least among practitioners who care about the fidelity of control.
