North Korean hackers are attempting to lure in cryptocurrency experts via bogus job offers for crypto exchange platform Coinbase.
As reported by Bleeping Computer, a campaign orchestrated by the well-known North Korean Lazarus hacking group has been uncovered, and its target is those involved in the increasingly popular fintech (financial technology) industry.
In what is clearly part of a social engineering attack, the hacking group engages in conversation with targets through LinkedIn, which ultimately culminates in a job offer being presented to the potential victim.
Coinbase is a leading cryptocurrency exchange company, so, at face value, many who are not privy to the attack will naturally be interested in adding them to their resumes. However, if the attack were to succeed, then the consequences could lead to untold amounts of crypto wallets being seized and stolen.
Hossein Jazi, who works as a security researcher at internet security firm Malwarebytes and has been analyzing Lazarus since February 2022, said individuals from the cybergang are masquerading as employees from Coinbase. The scam attracts potential victims by approaching them to fill the role of “Engineering Manager, Product Security.”
If that individual falls for the fake job offer, then they’ll eventually be given instructions to download a PDF explaining the job in full. However, the file itself is actually a malicious executable utilizing a PDF icon to trick people.
The file itself is called “Coinbase_online_careers_2022_07.exe,” which seems innocent enough if you didn’t know any better. But while it opens a fake PDF document created by the threat actors, it also loads malicious DLL code onto the target’s system.
After it’s successfully deployed onto the system, the malware will then make use of GitHub as a central command center in order to receive commands, after which it has free rein to carry out attacks on devices that have been breached.
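A defender-side triage check for the lure described above (an executable presented as a job-description PDF), as an added example that is not from the original article or from Malwarebytes: it classifies an attachment by its content rather than by its name or icon. The function names and finding labels are assumptions made for illustration, and the sample bytes are constructed.

```python
import struct
from pathlib import PureWindowsPath

EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".dll"}
DOCUMENT_EXTS = {".pdf"}
IMAGE_FILE_DLL = 0x2000  # COFF "Characteristics" flag marking a DLL


def sniff_type(data: bytes) -> str:
    """Classify a file by content: 'pe-exe', 'pe-dll', 'pdf' or 'unknown'."""
    # A PE file starts with a DOS header ("MZ") whose field at 0x3C
    # (e_lfanew) points to the "PE\0\0" signature and the COFF header.
    if data[:2] == b"MZ" and len(data) >= 0x40:
        (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
        has_sig = data[e_lfanew:e_lfanew + 4] == b"PE\0\0"
        if has_sig and len(data) >= e_lfanew + 24:
            # Characteristics is the last 2 bytes of the 20-byte COFF header.
            (flags,) = struct.unpack_from("<H", data, e_lfanew + 22)
            return "pe-dll" if flags & IMAGE_FILE_DLL else "pe-exe"
    # Checked after PE so an executable embedding "%PDF-" is not misread.
    if b"%PDF-" in data[:1024]:
        return "pdf"
    return "unknown"


def triage(filename: str, data: bytes, promised: str = "pdf") -> list[str]:
    """Return findings for an attachment the sender described as `promised`."""
    findings = []
    suffixes = [s.lower() for s in PureWindowsPath(filename).suffixes]
    last_ext = suffixes[-1] if suffixes else ""
    kind = sniff_type(data)

    # The sender promised a document but the bytes are a Windows executable.
    if promised == "pdf" and kind.startswith("pe"):
        findings.append("content-is-executable")
    # Explorer hides known extensions by default, so ".exe" plus a PDF icon
    # looks like a document; the extension itself is still checkable.
    if last_ext in EXECUTABLE_EXTS:
        findings.append("executable-extension")
    # Same lure with the file renamed: document extension, PE content.
    if last_ext in DOCUMENT_EXTS and kind.startswith("pe"):
        findings.append("extension-content-mismatch")
    return findings


def constructed_pe(dll: bool = False) -> bytes:
    """Constructed sample: the smallest header layout sniff_type() accepts."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)           # e_lfanew -> offset 0x40
    flags = 0x0022 | (IMAGE_FILE_DLL if dll else 0)   # executable image (+DLL)
    coff = struct.pack("<HHIIIHH", 0x8664, 0, 0, 0, 0, 0, flags)
    return bytes(dos) + b"PE\0\0" + coff


# Constructed samples; only the first file name comes from the article.
SAMPLES = [
    ("Coinbase_online_careers_2022_07.exe", constructed_pe()),
    ("Job_description.pdf", b"%PDF-1.7\n% constructed sample\n"),
    ("Job_description.pdf", constructed_pe()),
]

if __name__ == "__main__":
    for name, blob in SAMPLES:
        print(f"{name:40} {sniff_type(blob):8} {triage(name, blob)}")
```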
U.S. intelligence services have previously issued warnings regarding Lazarus’ activity in issuing cryptocurrency wallets and investment apps infected with trojans, effectively allowing them to steal private keys.
And the group’s efforts have been lucrative, to say the least — the FBI found that it had stolen cryptocurrency with a value of over $617 million at the time.
This particular attack, which is connected to a blockchain-based game, materialized due to another deceptive PDF file, which was sent as a job offer to one of the blockchain’s engineers. Once the file was opened, the individual’s system was infected, subsequently paving the way for Lazarus to locate a security flaw and take advantage of it in a big way.
In any case, the prospect is a scary one: opening a single PDF file leading to the entire network being compromised. In the case of Coinbase, which handles billions of dollars in crypto transactions, one can only imagine what the outcome and financial ramifications would be if Lazarus indeed manages to find a way in.
For the time being, if you’re approached by Coinbase in any capacity, it might be a good idea to be cautious of opening any files.
Sega has announced it’s bringing the Genesis Mini 2 to North America on October 27th. The company previously said its latest retro console will go on sale in Japan on the same day (though it’s called the Mega Drive Mini 2 there).
The system follows the Genesis Mini, which Sega released in 2019. The latest edition has a fresh library of more than 50 games, including Sega CD titles. The lineup features the likes of Sonic CD, Virtua Racing, OutRun, Shining Force CD and Fantasy Zone (a Master System and arcade game that was never released on Genesis). Sega is promising a previously unreleased game as well. More than half of the games have yet to be revealed.
One of our few complaints with the Genesis Mini in our review was that it came with a three-button controller. If the packaging is anything to go by, it seems you’ll get a six-button controller this time around.
Pre-orders are open now. The Genesis Mini 2 is only available from Amazon, and it costs $103.80 plus a $22 delivery fee in the US. The console will be shipped over from Japan.
The US Treasury Department blames North Korean hacking group Lazarus for stealing $625 million in cryptocurrency from the Ronin network, the blockchain backing the Axie Infinity play-to-earn crypto game, according to a report from Vice. On Thursday, the Department of Treasury updated sanctions to include the wallet address that received the funds and attributed it to the Lazarus group.
In an updated post about the incident, the Ronin network, which is owned by developer group Sky Mavis, explains the US Department of Treasury and FBI have pinned the attack on Lazarus. “We are still in the process of adding additional security measures before redeploying the Ronin Bridge to mitigate future risk,” the post reads. “We expect to deliver a full post mortem that will detail security measures put in place and next steps by the end of the month.” Ronin says it will bring its bridge back online “by the end of the month.” The bridge allows users to transfer funds between other blockchains and Axie Infinity and has been blocked off since the attack.
As noted by Vice, the flagged wallet address currently contains over $445 million USD (148,000 Ethereum) and sent almost $10 million (3,302.6 ETH) to another address less than a day ago. Crypto transaction tracker Etherscan labels the address as “reported to be involved in a hack targeting the Ronin bridge.”
On March 29th, hackers made off with $625 million worth of Ethereum in one of the biggest crypto heists to date. According to cryptocurrency investigation group Chainalysis, the Lazarus group is tied to North Korea’s intelligence agency and was responsible for seven attacks last year. The group gained notoriety for hacking Sony Pictures in 2014, leaking The Interview, a comedy set in North Korea directed by Seth Rogen. It later used Trojan malware to steal millions from ATMs across Asia and Africa in 2018 and has also been linked to WannaCry ransomware.
Deep North, a Foster City, California-based startup applying computer vision to security camera footage, today announced that it raised $16.7 million in a series A-1 round. Led by Celesta Capital and Yobi Partners, with participation from Conviction Investment Partners, Deep North plans to use the funds to make hires and expand its services “at scale,” according to CEO Rohan Sanil.
Deep North, previously known as Vmaxx, claims its platform can help brick-and-mortar retailers “embrace digital” and protect against COVID-19 by retrofitting security systems to track purchases and ensure compliance with masking rules. But the company’s system, which relies on algorithms with potential flaws, raises concerns about both privacy and bias.
“Even before a global pandemic forced retailers to close their doors … businesses were struggling to compete with a rapidly growing online consumer base,” Sanil said in a statement. “As stores open again, retailers must embrace creative digital solutions with data driven, outcome-based computer vision and AI solutions, to better compete with online retailers and, at the same time, accommodate COVID-safe practices.”
Deep North was founded in 2016 by Sanil and Jinjun Wang, an expert in multimedia signal processing, pattern recognition, computer vision, and analytics. Wang — now a professor at Xi’an Jiaotong University in Xi’an, China — was previously a research scientist at NEC before joining Epson’s R&D division as a member of the senior technical staff. Sanil founded a number of companies prior to Deep North, including Akirra Media Systems, where Wang was once employed as a research scientist.
“In 2016, I pioneered object detection technology to help drive targeted advertising from online videos. When a major brand saw this, they challenged me to create a means of identifying, analyzing, and sorting objects captured on their security video cameras in their theme parks,” Sanil told VentureBeat via email. “My exploration inspired development that would unlock the potential of installed CCTV and security video cameras within the customer’s physical environment and apply object detection and analysis in any form of video.”
After opening offices in China and Sweden and rebranding in 2018, Deep North expanded the availability of its computer vision and video analytics products, which offer object and people detection capabilities. The company says its real-time, AI-powered and hardware-agnostic software can understand customers’ preferences, actions, interactions, and reactions “in virtually any physical setting” across “a variety of markets,” including retailers, grocers, airports, drive-thrus, shopping malls, restaurants, and events.
Deep North says that retailers, malls, and restaurants in particular can use its solution to analyze customer “hotspots,” seating, occupancy, dwell times, gaze direction, and wait times, leveraging these insights to figure out where to assign store associates or kitchen staff. Stores can predict conversion by correlating tracking data with the time of day, location, marketing events, weather, and more, while shopping centers can draw on tenant statistics to understand trends and identify “synergies” between tenants, optimizing for store placement and cross-tenant promotions.
“Our algorithms are trained to detect objects in motion and generate rich metadata about physical environments such as engagement, pathing, and dwelling. Our inference pipeline brings together camera feeds and algorithms for real-time processing,” Deep North explains on its website. “[We] can deploy both via cloud and on-premise and go live within a matter of hours. Our scalable GPU edge appliance enables businesses to bring data processing directly to their environments and convert their property into a digital AI property. Video assets never leave the premise, ensuring the highest level of security and privacy.”
Beyond these solutions, Deep North developed products for particular use cases like social distancing and sanitation. The company offers products that monitor for hand-washing and estimate wait times at airport check-in counters, for example, as well as detect the presence of masks and track the status of maintenance workers on tarmacs.
“With Deep North’s mask detection capability, retailers can easily monitor large crowds and receive real-time alerts,” Deep North explains about its social distancing products. “In addition, Deep North … monitors schedules and coverage of sanitization measures as well as the total time taken for each cleaning activity … Using Deep North’s extensive data, [malls can] create tenant compliance scorecards to benchmark efforts, track overall progress, course-correct as necessary. [They] can also ensure occupancy limits are adhered to across several properties, both locally and region-wide, by monitoring real-time occupancy on our dashboard and mobile apps.”
Like most computer vision systems, Deep North’s were trained on datasets of images and videos showing examples of people, places, and things. Poor representation within these datasets can result in harm — particularly given that the AI field generally lacks clear descriptions of bias.
Previous research has found that ImageNet and Open Images — two large, publicly available image datasets — are U.S.- and Euro-centric, encoding humanlike biases about race, ethnicity, gender, weight, and more. Models trained on these datasets perform worse on images from Global South countries. For example, images of grooms are classified with lower accuracy when they come from Ethiopia and Pakistan, compared to images of grooms from the United States. And because of how images of words like “wedding” or “spices” are presented in distinctly different cultures, object recognition systems can fail to classify many of these objects when they come from the Global South.
Bias can arise from other sources, like differences in the sun path between the northern and southern hemispheres and variations in background scenery. Studies show that even differences between camera models — e.g., resolution and aspect ratio — can cause an algorithm to be less effective in classifying the objects it was trained to detect.
Tech companies have historically deployed flawed models into production. ST Technologies’ facial recognition and weapon-detecting platform was found to misidentify black children at a higher rate and frequently mistook broom handles for guns. Meanwhile, Walmart’s AI- and camera-based anti-shoplifting technology, which is provided by Everseen, came under scrutiny last May over its reportedly poor detection rates.
Deep North doesn’t disclose on its website how it trained its computer vision algorithms, including whether it used synthetic data (which has its own flaws) to supplement real-world datasets. The company also declines to say to what extent it takes into account accessibility and users with major mobility issues.
In an email, Sanil claimed that Deep North “has one of the largest training datasets in the world,” derived from real-world deployments and scenarios. “Our human object detection and analysis algorithms have been trained with more than 130 million detections, thousands of camera feeds, and various environmental conditions while providing accurate insights for our customers,” he said. “Our automated and semi-supervised training methodology helps us build new machine learning models rapidly, with the least amount of training data and human intervention.”
In a follow-up email, Sanil added: “Our platform detects humans, including those with unique gaits, and those that use mobility aids and assistive devices. We don’t do any biometric analysis, and therefore there is no resulting bias in our system … In the simplest terms, the platform interprets everything as an object whether it’s a human or a shopping cart or a vehicle. We provide object counts entering or exiting a location. Our object counting and reporting is not influenced by specific characteristics.” He continued: “We have a large set of labeled data. For new data to be labeled, we need to classify some of the unlabeled data using the labeled information set. With the semi-supervised process we can now expedite the labeling process for new datasets. This saves time and cost for us. We don’t need annotators, or expensive and slow processes.”
Privacy and controversy
While the purported goals of products like Deep North’s are health, safety, and analytics, the technology could be co-opted for other, less humanitarian purposes. Many privacy experts worry that they’ll normalize greater levels of surveillance, capturing data about workers’ movements and allowing managers to chastise employees in the name of productivity.
Deep North is no stranger to controversy, having reportedly worked with school districts and universities in Texas, Florida, Massachusetts, and California to pilot a security system that uses AI and cameras to detect threats. Deep North claims that the system, which it has since discontinued, worked with cameras with resolutions as low as 320p and could interpret people’s behavior while identifying objects like unattended bags and potential weapons.
Deep North is also testing systems in partnership with the U.S. Transportation Security Administration, which furnished it with a grant last March. The company received close to $200,000 in funding to provide metrics like passenger throughput, social distancing compliance, agent interactions, and bottleneck zones as well as reporting of unattended baggage, movement in the wrong direction, or occupying restricted areas.
“We are humbled and excited to be able to apply our innovations to help TSA realize its vision of improving passenger experience and safety throughout the airport,” Sanil said in a statement. “We are committed to providing the U.S. Department of Homeland Security and other government entities with the best AI technologies to build a safer and better homeland through continued investment and innovation.”
Deep North admitted in an interview with Swedish publication Breakit that it offers facial characterization services to some customers to estimate age range. And on its website, the startup touts its technologies’ ability to personalize marketing materials depending on a person’s demographics, like gender. But Deep North is adamant that its internal protections prevent it from ascertaining the identity of any person captured via on-camera footage.
“We have no capability to link the metadata to any single individual. Further, Deep North does not capture personally identifiable information (PII) and was developed to govern and preserve the integrity of each and every individual by the highest possible standards of anonymization,” Sanil told TechCrunch in March 2020. “Deep North does not retain any PII whatsoever, and only stores derived metadata that produces metrics such as number of entries, number of exits, etc. Deep North strives to stay compliant with all existing privacy policies including GDPR and the California Consumer Privacy Act.”
To date, 47-employee Deep North has raised $42.3 million in venture capital.
Albemarle certainly isn’t a household name, but it’s a major US-based producer of chemicals, particularly those used in the production of lithium batteries. Lithium batteries are key to all manner of electronic devices and are particularly critical for electric vehicles. The company has announced that it opened a Battery Materials Innovation Center (BMIC) at its Kings Mountain, North Carolina site.
The BMIC will be fully operational in July 2021 and will support the company’s lithium hydroxide, lithium carbonate, and advanced energy storage materials platforms. The facility is designed to enable the synthesis of new materials, material property characterization, and analysis. It also supports material scale-up capabilities and material integration into battery cells for performance testing.
The facility has a dry room with a multi-layer pouch cell line that can create cell phone-sized batteries to demonstrate critical aspects of performance and accelerate the transition of new products to customers. BMIC will also develop lithium metal anode technology to increase battery energy density using advanced lithium metal rolling to achieve lithium foils 20 microns thick. Twenty microns is about one-fifth the average thickness of a human hair.
The facility will demonstrate lithium foils even thinner with a thickness of 3 to 5 microns using new technologies currently under development. Albemarle says that its BMIC provides realistic and relevant cell building capability to generate data for next-generation battery material design. The company will leverage the resources to optimize the materials for creating a drop-in solution for customers to help deliver high-performance and cost-effective batteries to the electric vehicle market.
Albemarle is the only US-based producer of lithium metal anodes. The company says novel materials developed in its labs will enable the next frontier of lithium-ion battery performance. Moving from conventional graphite battery anodes to lithium metal offers the potential to double energy density and reduce cost by as much as 50 percent.
The Justice Department unsealed charges Wednesday for three North Korean computer programmers accused of conspiring to extort over $1.3 billion from banks and other businesses across the globe, as first reported by The Washington Post.
In 2018, the Justice Department brought charges against one North Korean operative, Park Jin Hyok, for their involvement in the infamous Sony Pictures hack in 2014, as well as the devastating 2017 WannaCry ransomware attack. In Wednesday’s unsealed indictment, Park and others are accused of participating in a sweeping conspiracy to hack into banks and crypto exchanges as well as creating the WannaCry virus.
“North Korea’s operatives, using keyboards rather than guns, stealing digital wallets of cryptocurrency instead of stacks of cash, are the world’s leading bank robbers,” Assistant Attorney General John C. Demers said in a statement Wednesday. “The Department will continue to confront malicious nation state cyber activity with our unique tools and work with our fellow agencies and the family of norms abiding nations to do the same.”
The indictment was filed in December and alleges that the defendants work for North Korea’s military intelligence agency, the Reconnaissance General Bureau. The DOJ says that the defendants targeted cryptocurrency exchanges, stealing millions from banks and businesses around the world. They are also accused of multiple phishing campaigns from March 2016 to February 2020 targeting US military contractors, energy and technology companies, and the State and Defense departments.
The victims of this wide-ranging hacking conspiracy vary from the Central Bank of Bangladesh to cryptocurrency companies based in South Korea, Indonesia, and Slovenia, according to the indictment.
“Simply put, the regime has become a criminal syndicate with a flag,” Demers said on Wednesday.
Apple’s App Store was at the center of some high-profile controversy and rhetoric last year when Epic Games made a bold move that, according to some sources, had been planned months ahead. An action as simple as offering a different in-app purchasing method set off a chain of events that now involves lawsuits filed across several countries, all of them accusing Apple and Google of monopolistic practices. Although this proposed bill in a single US state doesn’t directly reference the Apple vs. Epic Games tussle, its effects, if passed, will turn things in the game developer’s favor.
It’s hard to argue that the ripples that Epic Games started did not influence North Dakota Senate Bill 2333, especially since it pretty much addresses the complaints raised by Epic and the newly founded Coalition for App Fairness. The group bemoaned the current industry practice of locking users and developers into a platform’s app store and payment system, which often takes a hefty cut of the profits. While the complaints also include Google and its Play Store, the coalition specifically names Apple as the biggest culprit.
The bill has three main restrictions that, not by coincidence, address Epic Games’ complaints. It prohibits a “digital application distribution platform”, a.k.a. an app store, from requiring developers to use a specific, exclusive distribution platform, locking them into a single in-application payment system, and retaliating against them should they choose an alternative method. In other words, Apple would have to open up iOS to other app stores and can’t get back at developers for not choosing its own App Store.
Even if passed, the law would only be enforceable in North Dakota but it would still force Apple to make sweeping changes to iOS across the board anyway. In its testimony against the new bill, Apple’s chief privacy engineer Erik Neuenschwander warned that this could “destroy iPhone as you know it” for the simple fact that it undermines the strong privacy and security features that are built into the mobile platform.
Of course, there is also no shortage of proponents who accuse Apple of exaggerating its effects. It could take a while before North Dakota even decides on the bill, and you can bet that Apple and Google will pull all the influence they can muster to stop it from becoming law.
Denmark has announced an agreement for the construction of an energy hub in the North Sea. It will construct the energy hub on an artificial island 80 kilometers from the shore of the peninsula Jutland. The artificial island will be owned by a public-private partnership to strengthen the integration of Europe’s power grids and increase renewable energy production as Europe reaches for climate neutrality.
Denmark has set a cutoff date of 2050 for gas extraction in the North Sea and canceled all future licensing grounds for drilling. With the new agreement for the construction and ownership of the world’s first energy hub in the North Sea, Denmark is taking a big step towards its green goals.
Officials on the project say that it will produce a previously unseen amount of green electricity and is viewed as one of the government’s flagship projects. Once the project is fully implemented, it will produce enough electricity to cover the consumption of 10 million European households. The energy hub will serve as an offshore powerplant to gather and distribute grid electricity from hundreds of wind turbines surrounding the island directly to consumers in countries surrounding the North Sea.
The island will have a total area of at least 120,000 square meters and, in its first phase, will provide 3 million European households with green energy. The project is a partnership between the Danish state and private companies. However, the state will own most of the island, with private companies fulfilling crucial roles on innovation, flexibility, cost-effectiveness, and business potentials.
Denmark considers this the dawn of a new era for energy and a decisive step for a clean energy future. The artificial island offers opportunities to expand the project by building a harbor and facilities for storing green electricity from nearby wind turbines in the sea. The long-term ambition is to store green electricity on the island, convert it to liquid green fuel, and send it via subsea cables to Denmark and neighboring countries.
Cyberattacks that originated in North Korea and Russia have been targeting companies conducting research for COVID-19 vaccines and treatments, Microsoft said in a new blog post. The company says the attacks were aimed at seven leading pharmaceutical companies and researchers in the US, Canada, France, India, and South Korea.
“Among the targets, the majority are vaccine makers that have COVID-19 vaccines in various stages of clinical trials,” according to the blog post by Tom Burt, Microsoft corporate vice president of customer security and trust. Microsoft didn’t name the companies, or provide details about what information may have been stolen or compromised, but said it had notified the organizations and offered help where the attacks were successful.
According to Microsoft, the majority of the attacks were blocked by its security protections.
The hackers used various methods to carry out the attacks, according to the blog post, including brute force login attempts to steal login credentials, as well as spear-phishing attacks where the hackers posed as recruiters seeking job candidates, and as representatives of the World Health Organization.
“It’s disturbing that these challenges have now merged as cyberattacks are being used to disrupt health care organizations fighting the pandemic,” Burt wrote. “We think these attacks are unconscionable and should be condemned by all civilized society.”
New coronavirus cases are on the rise across the US and other parts of the world, but there are some promising signs in the development of a vaccine. Pfizer and BioNTech announced their vaccine was 90 percent effective at preventing symptomatic COVID-19 in clinical trials. That preliminary data hasn’t been examined by independent researchers yet, but experts called the news “extremely encouraging.” And a vaccine candidate from Moderna is expected to release initial data soon.