The 404 Media Podcast – "This Podcast Will Hack You"

Date: December 3, 2025
Hosts: Joseph, Sam (with guest Matthew Gault in segment two)

Overview

This episode features two major investigative tech stories tackled by the 404 Media team. Joseph and Sam dive into a strange cyber mystery involving Apple Podcasts being used in potential hacking attempts, while Matthew Gault joins later to discuss the ethical chaos of war betting—specifically, how a popular frontline map of Ukraine was suspiciously edited in sync with a large bet on the prediction market Polymarket. The episode is packed with technical insights, ethical debates, and the team’s signature mix of humor and deep reporting.

1. Strange Hack: Inexplicable Activity on Apple Podcasts

Discussed by: Joseph & Sam
Main Segment: 00:59 – 21:40

Summary

Background:
Joseph notices bizarre behavior on his Mac: his Apple Podcasts app opens randomly, displaying obscure or sketchy podcasts with titles ranging from script-like gibberish to Arabic phrases, and sometimes containing coded links and references to weird religious content.
- Joseph: “I will go and unlock my Mac… The podcast app will have opened by itself and it will be displaying some random ass spirituality app, education app, religion as well.” (03:13)
What’s Weird?:
- The podcasts are not ones Joseph subscribes to and have odd titles; sometimes the titles appear to contain scripts or direct links.
- Examples include podcast titles like “5xew e2 single quote, double quote, ampersand hash x22… on click alert…” and suspicious URLs.
- Some shows linked directly to Play Store URLs or contained Gmail addresses.
Scarier Possibilities Considered:
Joseph feared it might be targeted hacking or device compromise, especially given his background as a security journalist.
- “My first reaction was concern, worry… is this something that’s really, really bad?” (02:59)
Realization:
Some podcasts played legitimate (though irrelevant) content, like sermons; others were just silence. All podcasts unearthed were several years old, suggesting possible hijacking or exploitation rather than legitimate recommendations.
- “They’ve clearly been co-opted in some way or some shenanigans are going on…” (08:00)
Technical Analysis:
One podcast had a title resembling a cross-site scripting (XSS) attack—a classic web exploit where scripts can run in a user’s browser. This potentially enables malicious payload delivery if exploited further.
- Joseph: “It appeared to be a cross site scripting attack… a low hanging fruit attack... It was basically what script kiddies were doing…” (10:10)

Expert Input – Patrick Wardle

Timestamps: 14:02 – 17:19

Joseph consulted Mac security expert Patrick Wardle, who was intrigued and recreated the suspicious behavior by crafting a site that auto-opened podcasts on Joseph’s machine without any prompts.
- “He did a proof of concept where he sent me a link… it automatically opened the 404 Media Podcast on my device without a pop up… just automatically opens straight on the podcast." (16:16)
Wardle highlighted the risk: While this isn’t an attack by itself, it could be a vector for serious attacks IF a vulnerability in Apple Podcasts is found.
- "[Wardle] said... this is not an attack, but it does create a very effective delivery mechanism if... a vulnerability exists in the podcast's app." (16:52)

Apple’s Response?

Joseph sent five emails and direct contacts to Apple, which acknowledged receipt only for unrelated topics but never responded to concerns about the podcast issue.
- “Apple did not acknowledge or respond to five emails… The company did respond to other emails for different articles I was working on across that time…” (20:18)

Broader Context

The spammy and potentially threatening podcast hijackings resemble other platform manipulation tricks (like Google Calendar spam), revealing ongoing weaknesses in how large platforms handle user-generated content and exploit possibilities.
- “This podcast stuff is similar to that vibe... but it's not super alarming. That said, if you could deliver... malware to somebody... through a native pre installed... official Apple [app]. That's pretty bad.” (19:06)

Memorable Quotes

Joseph on user confusion:
“I’m like the Simpsons Smithers gif surrounded by women, but it’s that but with podcasts basically. It’s horrible.” (08:00)
Sam on skepticism and humor:
“Free Will, Free Will, that’s a great one. I’m a big fan, I’m a top listener of Free Will, Free Will…” (08:01)

2. Betting on War: Polymarket, Maps, and a Shady Edit

With Matthew Gault
Main Segment: 24:40 – 38:58

Background: What Is Polymarket?

Polymarket is a “predictive betting market” where users wager on outcomes of real-world events—elections, wars, financial decisions, etc. It’s positioned by founders as “the future of news,” using market sentiment as “truth.”
- Matthew: “It basically allows you to gamble on everything, including the outcomes of individual battles in a war zone.” (25:48)
The rationalization: A person’s willingness to risk money supposedly reflects their truest expectations about reality.

Tying It to Ukraine

Bets placed on whether specific Ukrainian towns (such as Myrhorod in Donetsk) would fall to Russia by a certain date.
ISW (Institute for the Study of War) produces a widely-accepted map used as the basis for settling these bets.

The Incident

Timestamps: 29:23 – 36:59

A large, unusual bet (over $1M in volume) depended on whether a particular block of the city would be captured by a deadline.
Around 6:00am on Nov 15, before ISW’s normal update window, the map changes in just the relevant spot, showing the city “captured.” Right after, the map is reverted.
ISW confirms an “unauthorized edit” was made overnight, later reversed, and publicly distances themselves from the use of their map for betting.
- Matthew, quoting ISW: “ISW strongly disapproves of such activities and strenuously objects to the use of our maps for such purposes, for which we emphatically do not give consent.” (33:32)
PolyMarket pays out the bet based on the map snapshot, despite the reversal. No one disputes the outcome through PolyMarket’s odd blockchain-based dispute process.
- Matthew: “Nobody disputed anything... The money was paid out and the ISW map reverted after that.” (36:47)

Analysis & Ethics Debate

Possibilities:
- Someone with access, or a hacker, manipulated the map to ensure the bet’s specific outcome.
- PolyMarket’s systems, dependent on snapshot, allow for such fraudulent manipulation unless manually disputed.
- The process for challenging bad resolutions is convoluted and rarely used, leaving room for abuse.
Ethical Concerns:
- Both team and audience express profound discomfort with the idea of gambling on real-world death and tragedy.
- Matthew: “I think it’s a moral state on your soul if you do it full stop. Sorry if you’re betting on the outcome of a conflict like this.” (38:17)
- Sam: “So cynical. It’s such a cynical...” (38:25)
- Matthew: “War is a horrifying thing where people die...and people are, like, laying bets on it... That’s awful. It is a bad thing to do and you should not do it.” (38:29)

3. Notable Quotes & Moments

On the Apple Podcasts Exploit

Joseph: “He sent me a link... it automatically opened the 404 Media Podcast on my device without a pop up... Which he found pretty interesting.” (16:16)

On Betting on War

Matthew: “ISW strongly disapproves of such activities and strenuously objects to the use of our maps for such purposes, for which we emphatically do not give consent.” (33:32)
Matthew, on ethics: “I think it’s a moral state on your soul if you do it full stop. Sorry if you’re betting on the outcome of a conflict like this.” (38:17)
Matthew, bluntly: “War is a horrifying thing where people die... and people are, like, laying bets on it... That’s awful.” (38:29)

4. Key Timestamps for Important Segments

Apple Podcasts ‘Hack’ Discovery: 01:56 – 21:40
Break, Ads (skipped)
War Betting & Map Exploitation: 24:40 – 38:58
Ethics Discussion: 38:17 – 38:58

5. Conclusion & Tone

The episode blends investigative rigor with sharp, sometimes irreverent commentary. The team effectively demystifies two complex stories: one technical (the Apple Podcasts opening exploit), and the other an ethical minefield (war betting systems being gamed). Through experts and transparent self-examination, 404 Media continues their mission of exposing the strange, dark corners of technology—always with a critical, human-centered approach.

For further information and extra episodes, 404 Media encourages listeners to subscribe via 404media.co.

Summary prepared by Podcast Summarizer
(Content drawn closely from original transcript; all quotes and ideas directly attributed to hosts and guests as indicated.)

The 404 Media Podcast – "This Podcast Will Hack You"

Date: December 3, 2025
Hosts: Joseph, Sam (with guest Matthew Gault in segment two)

Overview

1. Strange Hack: Inexplicable Activity on Apple Podcasts

Discussed by: Joseph & Sam
Main Segment: 00:59 – 21:40

Summary

Background:
Joseph notices bizarre behavior on his Mac: his Apple Podcasts app opens randomly, displaying obscure or sketchy podcasts with titles ranging from script-like gibberish to Arabic phrases, and sometimes containing coded links and references to weird religious content.
- Joseph: “I will go and unlock my Mac… The podcast app will have opened by itself and it will be displaying some random ass spirituality app, education app, religion as well.” (03:13)
What’s Weird?:
- The podcasts are not ones Joseph subscribes to and have odd titles; sometimes the titles appear to contain scripts or direct links.
- Examples include podcast titles like “5xew e2 single quote, double quote, ampersand hash x22… on click alert…” and suspicious URLs.
- Some shows linked directly to Play Store URLs or contained Gmail addresses.
Scarier Possibilities Considered:
Joseph feared it might be targeted hacking or device compromise, especially given his background as a security journalist.
- “My first reaction was concern, worry… is this something that’s really, really bad?” (02:59)
Realization:
Some podcasts played legitimate (though irrelevant) content, like sermons; others were just silence. All podcasts unearthed were several years old, suggesting possible hijacking or exploitation rather than legitimate recommendations.
- “They’ve clearly been co-opted in some way or some shenanigans are going on…” (08:00)
Technical Analysis:
One podcast had a title resembling a cross-site scripting (XSS) attack—a classic web exploit where scripts can run in a user’s browser. This potentially enables malicious payload delivery if exploited further.
- Joseph: “It appeared to be a cross site scripting attack… a low hanging fruit attack... It was basically what script kiddies were doing…” (10:10)

Expert Input – Patrick Wardle

Timestamps: 14:02 – 17:19

Joseph consulted Mac security expert Patrick Wardle, who was intrigued and recreated the suspicious behavior by crafting a site that auto-opened podcasts on Joseph’s machine without any prompts.
- “He did a proof of concept where he sent me a link… it automatically opened the 404 Media Podcast on my device without a pop up… just automatically opens straight on the podcast." (16:16)
Wardle highlighted the risk: While this isn’t an attack by itself, it could be a vector for serious attacks IF a vulnerability in Apple Podcasts is found.
- "[Wardle] said... this is not an attack, but it does create a very effective delivery mechanism if... a vulnerability exists in the podcast's app." (16:52)

Apple’s Response?

Joseph sent five emails and direct contacts to Apple, which acknowledged receipt only for unrelated topics but never responded to concerns about the podcast issue.
- “Apple did not acknowledge or respond to five emails… The company did respond to other emails for different articles I was working on across that time…” (20:18)

Broader Context

The spammy and potentially threatening podcast hijackings resemble other platform manipulation tricks (like Google Calendar spam), revealing ongoing weaknesses in how large platforms handle user-generated content and exploit possibilities.
- “This podcast stuff is similar to that vibe... but it's not super alarming. That said, if you could deliver... malware to somebody... through a native pre installed... official Apple [app]. That's pretty bad.” (19:06)

Memorable Quotes

Joseph on user confusion:
“I’m like the Simpsons Smithers gif surrounded by women, but it’s that but with podcasts basically. It’s horrible.” (08:00)
Sam on skepticism and humor:
“Free Will, Free Will, that’s a great one. I’m a big fan, I’m a top listener of Free Will, Free Will…” (08:01)

2. Betting on War: Polymarket, Maps, and a Shady Edit

With Matthew Gault
Main Segment: 24:40 – 38:58

Background: What Is Polymarket?

Polymarket is a “predictive betting market” where users wager on outcomes of real-world events—elections, wars, financial decisions, etc. It’s positioned by founders as “the future of news,” using market sentiment as “truth.”
- Matthew: “It basically allows you to gamble on everything, including the outcomes of individual battles in a war zone.” (25:48)
The rationalization: A person’s willingness to risk money supposedly reflects their truest expectations about reality.

Tying It to Ukraine

Bets placed on whether specific Ukrainian towns (such as Myrhorod in Donetsk) would fall to Russia by a certain date.
ISW (Institute for the Study of War) produces a widely-accepted map used as the basis for settling these bets.

The Incident

Timestamps: 29:23 – 36:59

A large, unusual bet (over $1M in volume) depended on whether a particular block of the city would be captured by a deadline.
Around 6:00am on Nov 15, before ISW’s normal update window, the map changes in just the relevant spot, showing the city “captured.” Right after, the map is reverted.
ISW confirms an “unauthorized edit” was made overnight, later reversed, and publicly distances themselves from the use of their map for betting.
- Matthew, quoting ISW: “ISW strongly disapproves of such activities and strenuously objects to the use of our maps for such purposes, for which we emphatically do not give consent.” (33:32)
PolyMarket pays out the bet based on the map snapshot, despite the reversal. No one disputes the outcome through PolyMarket’s odd blockchain-based dispute process.
- Matthew: “Nobody disputed anything... The money was paid out and the ISW map reverted after that.” (36:47)

Analysis & Ethics Debate

Possibilities:
- Someone with access, or a hacker, manipulated the map to ensure the bet’s specific outcome.
- PolyMarket’s systems, dependent on snapshot, allow for such fraudulent manipulation unless manually disputed.
- The process for challenging bad resolutions is convoluted and rarely used, leaving room for abuse.
Ethical Concerns:
- Both team and audience express profound discomfort with the idea of gambling on real-world death and tragedy.
- Matthew: “I think it’s a moral state on your soul if you do it full stop. Sorry if you’re betting on the outcome of a conflict like this.” (38:17)
- Sam: “So cynical. It’s such a cynical...” (38:25)
- Matthew: “War is a horrifying thing where people die...and people are, like, laying bets on it... That’s awful. It is a bad thing to do and you should not do it.” (38:29)

3. Notable Quotes & Moments

On the Apple Podcasts Exploit

Joseph: “He sent me a link... it automatically opened the 404 Media Podcast on my device without a pop up... Which he found pretty interesting.” (16:16)

On Betting on War

Matthew: “ISW strongly disapproves of such activities and strenuously objects to the use of our maps for such purposes, for which we emphatically do not give consent.” (33:32)
Matthew, on ethics: “I think it’s a moral state on your soul if you do it full stop. Sorry if you’re betting on the outcome of a conflict like this.” (38:17)
Matthew, bluntly: “War is a horrifying thing where people die... and people are, like, laying bets on it... That’s awful.” (38:29)

4. Key Timestamps for Important Segments

Apple Podcasts ‘Hack’ Discovery: 01:56 – 21:40
Break, Ads (skipped)
War Betting & Map Exploitation: 24:40 – 38:58
Ethics Discussion: 38:17 – 38:58

5. Conclusion & Tone

For further information and extra episodes, 404 Media encourages listeners to subscribe via 404media.co.

Summary prepared by Podcast Summarizer
(Content drawn closely from original transcript; all quotes and ideas directly attributed to hosts and guests as indicated.)

This Podcast Will Hack You

Powered by Wave AI

Summary

The 404 Media Podcast – "This Podcast Will Hack You"

Overview

1. Strange Hack: Inexplicable Activity on Apple Podcasts

Summary

Expert Input – Patrick Wardle

Apple’s Response?

Broader Context

Memorable Quotes

2. Betting on War: Polymarket, Maps, and a Shady Edit

Background: What Is Polymarket?

Tying It to Ukraine

The Incident

Analysis & Ethics Debate

3. Notable Quotes & Moments

On the Apple Podcasts Exploit

On Betting on War

4. Key Timestamps for Important Segments

5. Conclusion & Tone

Summary

The 404 Media Podcast – "This Podcast Will Hack You"

Overview

1. Strange Hack: Inexplicable Activity on Apple Podcasts

Summary

Expert Input – Patrick Wardle

Apple’s Response?

Broader Context

Memorable Quotes

2. Betting on War: Polymarket, Maps, and a Shady Edit

Background: What Is Polymarket?

Tying It to Ukraine

The Incident

Analysis & Ethics Debate

3. Notable Quotes & Moments

On the Apple Podcasts Exploit

On Betting on War

4. Key Timestamps for Important Segments

5. Conclusion & Tone