8Jan
    North Korea’s Cyber Heist: DPRK Hackers Stole $600 Million in Cryptocurrency in 2023

    Threat actors affiliated with the Democratic People’s Republic of Korea (also known as North Korea) have plundered at least $600 million in cryptocurrency in 2023.

    The DPRK “was responsible for almost a third of all funds stolen in crypto attacks last year, despite a 30% reduction from the USD 850 million haul in 2022,” blockchain analytics firm TRM Labs said last week.

    “Hacks perpetrated by the DPRK were on average ten times as damaging as those not linked to North Korea.”

    There are indications that additional breaches targeting the crypto sector towards the end of 2023 could push this figure higher to around $700 million.

    The targeting of cryptocurrency companies is not new for North Korean state-sponsored actors, who have stolen about $3 billion since 2017.

    These financially motivated attacks are seen as a crucial revenue-generation mechanism for the sanctions-hit nation, funding its weapons of mass destruction (WMD) and ballistic missile programs.

    The intrusions leverage social engineering to lure targets and typically aim to compromise private keys and seed phrases – which are used to safeguard digital wallets – and then use them to gain unauthorized access to the victims’ assets and transfer them to wallets under the threat actor’s control.

    “They are then swapped mostly for USDT or Tron and converted to hard currency using high-volume OTC brokers,” TRM Labs said.

    The company further noted that DPRK hackers continued to explore other money laundering tools after the U.S. Treasury Department sanctioned a crypto mixer service known as Sinbad for processing a chunk of their proceeds, indicating constant evolution despite law enforcement pressure.

    “With nearly USD 1.5 billion stolen in the past two years alone, North Korea’s hacking prowess demands continuous vigilance and innovation from business and governments,” TRM Labs said.

    6Jan
    SpectralBlur: New macOS Backdoor Threat from North Korean Hackers

    Cybersecurity researchers have discovered a new Apple macOS backdoor called SpectralBlur that overlaps with a known malware family that has been attributed to North Korean threat actors.

    “SpectralBlur is a moderately capable backdoor that can upload/download files, run a shell, update its configuration, delete files, hibernate, or sleep, based on commands issued from the [command-and-control server],” security researcher Greg Lesnewich said.

    The malware shares similarities with KANDYKORN (aka SockRacket), an advanced implant that functions as a remote access trojan capable of taking control of a compromised host.

    It’s worth noting that the KANDYKORN activity also intersects with another campaign orchestrated by the Lazarus sub-group known as BlueNoroff (aka TA444) which culminates in the deployment of a backdoor referred to as RustBucket and a late-stage payload dubbed ObjCShellz.

    In recent months, the threat actor has been observed combining disparate pieces of these two infection chains, leveraging RustBucket droppers to deliver KANDYKORN.

    The latest findings are another sign that North Korean threat actors are increasingly setting their sights on macOS to infiltrate high-value targets, particularly those within the cryptocurrency and the blockchain industries.

    “TA444 keeps running fast and furious with these new macOS malware families,” Lesnewich said.

    Security researcher Patrick Wardle, who shared additional insights into the inner workings of SpectralBlur, said the Mach-O binary was uploaded to the VirusTotal malware scanning service in August 2023 from Colombia.

    The functional similarities between KANDYKORN and SpectralBlur have raised the possibility that they may have been built by different developers keeping the same requirements in mind.

    What makes the malware stand out are its attempts to hinder analysis and evade detection while using grantpt to set up a pseudo-terminal and execute shell commands received from the C2 server.

    The disclosure comes as a total of 21 new malware families designed to target macOS systems, including ransomware, information stealers, remote access trojans, and nation-state-backed malware, were discovered in 2023, up from 13 identified in 2022.

    “With the continued growth and popularity of macOS (especially in the enterprise!), 2024 will surely bring a bevy of new macOS malware,” Wardle noted.

    8Nov
    Revolutionizing 3D Modeling with Metashop.ai: Video-Powered Creations

    Introduction

    In a world that is increasingly reliant on immersive and interactive content, 3D models have emerged as a valuable tool in various industries, from gaming and architecture to e-commerce and education. However, creating these models has traditionally been a time-consuming and resource-intensive task. Enter Metashop.ai, a groundbreaking platform that’s changing the game by harnessing the power of video to simplify and accelerate the 3D modeling process.

    In this blog post, we’ll explore how Metashop.ai is revolutionizing the world of 3D modeling by enabling users to create stunning models with the help of videos. We’ll dive into the platform’s key features, its potential applications, and how it’s changing the way we approach 3D modeling.

    The Power of Metashop.ai

    Metashop.ai is a 3D modeling platform that utilizes the latest advancements in artificial intelligence and computer vision to transform videos into 3D models. Its innovative approach allows users to create lifelike 3D models quickly and easily, without the need for complex software or extensive 3D modeling expertise. Here’s how it works:

    1. Video Input: Users start by uploading a video of the object or scene they want to turn into a 3D model. The video serves as a rich source of visual data.
    2. AI Processing: Metashop.ai’s powerful AI algorithms analyze the video, extracting essential information about the object’s shape, texture, and color. The platform is capable of handling a wide range of video sources, from simple smartphone recordings to professionally shot footage.
    3. Realistic 3D Model Output: Once the video is processed, Metashop.ai generates a high-quality 3D model that accurately reflects the content of the video. This model can be customized further, allowing users to tweak details and textures.

    Applications of Metashop.ai

    Metashop.ai’s video-powered 3D modeling has a broad range of applications across various industries:

    1. E-Commerce: Online retailers can use Metashop.ai to create 3D models of their products, enhancing the shopping experience by allowing customers to view items from all angles before making a purchase.
    2. Gaming and Entertainment: Game developers can use the platform to bring realistic 3D characters, objects, and environments to life, reducing development time and costs.
    3. Architecture and Design: Architects and interior designers can use Metashop.ai to convert 2D architectural plans and photographs into 3D models, aiding in project visualization and client communication.
    4. Education: Educators can use the platform to create interactive 3D models for teaching purposes, making complex subjects more accessible and engaging for students.
    5. Augmented Reality (AR) and Virtual Reality (VR): Metashop.ai’s 3D models can be integrated into AR and VR applications, providing immersive experiences for users.

    Benefits of Metashop.ai

    The advantages of Metashop.ai are numerous:

    1. Time and Cost Savings: Traditional 3D modeling can be time-consuming and expensive. Metashop.ai streamlines the process, reducing the time and resources required.
    2. Accessibility: You don’t need to be a 3D modeling expert to use Metashop.ai. Its user-friendly interface makes 3D modeling accessible to a wide range of professionals.
    3. Realism: The 3D models generated by Metashop.ai are highly realistic, capturing intricate details from the source video.
    4. Customization: Users can fine-tune their 3D models to match their specific needs, ensuring that the end result meets their expectations.

    Conclusion

    Metashop.ai is a game-changing platform that is redefining the 3D modeling landscape. By harnessing the power of videos, it empowers users in various industries to effortlessly create highly realistic 3D models with minimal effort. Whether you’re an e-commerce business looking to enhance your product displays or a game developer aiming to bring your virtual worlds to life, Metashop.ai offers a streamlined and cost-effective solution. As the world of 3D modeling continues to evolve, Metashop.ai is undoubtedly leading the charge into a more accessible and exciting future.