TikTok is gearing up to shut down its app for U.S. users this Sunday, the day a federal law banning the app takes effect—unless the Supreme Court steps in to block the ban, according to The Information, which cited two […]
The post TikTok plans for immediate shutdown in the U.S. this Sunday, January 19 first appeared on Tech Startups.
The United States, Japan and South Korea have issued a warning against North Korean threat actors, who are actively and aggressively targeting the cryptocurrency industry. In their joint advisory, the countries said threat actor groups affiliated with the Democratic People's Republic of Korea (DPRK) continue to stage numerous cybercrime campaigns to steal cryptocurrency. Those bad actors — including the Lazarus hacking group, which the US believes has been deploying cyber attacks all over the world since 2009 — target "exchanges, digital asset custodians and individual users." And apparently, they stole $659 million in crypto assets in 2024 alone.
North Korean hackers have been using "well-disguised social engineering attacks" to infiltrate their targets' systems, the countries said. They also warned that the actors could get access to systems owned by the private sector by posing as freelance IT workers. Back in 2022, the US issued guidelines on how to identify potential workers from North Korea, such as how they'd typically log in from multiple IP addresses, transfer money to accounts based in the People's Republic of China, ask for crypto payments, have inconsistencies with their background information and be unreachable at times during their supposed business hours.
Once the bad actors are in, they then usually deploy malware, such as keyloggers and remote access tools, to be able to steal login credentials and, ultimately, virtual currency they can control and sell. As for where the stolen funds go: The UN issued a report in 2022, revealing its investigators' discovery that North Korea uses money stolen by affiliated threat actors for its missile programs. "Our three governments strive together to prevent thefts, including from private industry, by the DPRK and to recover stolen funds with the ultimate goal of denying the DPRK illicit revenue for its unlawful weapons of mass destruction and ballistic missile programs," the US, Japan and South Korea said.
This article originally appeared on Engadget at https://www.engadget.com/cybersecurity/north-korea-stole-659-million-in-crypto-assets-last-year-the-us-says-133029741.html?src=rss©
© nadia_bormotova via Getty Images
Following its ransomware attack, Change Healthcare used website code to hide the data breach notice from search engines.
© 2024 TechCrunch. All rights reserved. For personal use only.
The Trade Desk intends to acquire ad data firm Sincera, marking only its second acquisition since it launched in 2009 — a rare move for a company that usually builds, not buys.
Financial terms weren’t disclosed, but when the deal closes, expected in the first quarter, Sincera’s co-founder and CEO, Mike O’Sullivan, will report directly to The Trade Desk’s CEO, Jeff Green.
The move arms the ad tech vendor with more data to convince publishers that ads running through its platform outperform the rest of the programmatic market. In fact, Sincera’s data powered The Trade Desk’s recent “Sellers and Publishers,” spotlighting where advertising value is migrating across the premium, open internet.
Continue reading this article on digiday.com. Sign up for Digiday newsletters to get the latest on media, marketing and the future of TV.
An AI app for creating nonconsensual nude images of anyone is getting the vast majority of its traffic directly from Meta platforms, where the app is buying thousands of explicit ads featuring nonconsensual nudity of celebrities and influencers. The blatant and repeated violation of Meta’s policies over the course of months is making a mockery of the company’s ability or willingness to moderate a known bad actor that at the moment appears to get the majority of its users by paying Meta directly for ads.
The app, known as Crushmate or Crush AI, has been buying ads on Facebook, Instagram, and other Meta platforms since at least early September. As first reported by Alexios Mantzarlis in his Faked Up newsletter, according to internet traffic analysis firm Similarweb, three of the domains Crush uses had around 240,000 visitors combined, with 90 percent of that traffic coming from Facebook or Instagram.
I’ve seen Meta remove some of these ads since September, but at the time of writing the same three domains that were advertised on Meta platforms and redirected to Crushmate’s services had around 350 active ads and more than 5,000 ads overall.
Most of the recent ads use the same format. They take a video a woman posted to Instagram or TikTok and show how a user can pause the video on any frame and create a nude image of her. Many of the ads, which are still active, do this to videos of the extremely popular OnlyFans creator Sophie Rain, who made headlines recently for making $43 million in one year on OnlyFans. As Mantzarlis points out, one ad nudifies Mikayla Demaiter, a model with 3.2 million followers on Instagram. Rain and Demaiter did not respond to a request for comment.
Two of the Crushmate ads
Other ads feature other real women I wasn’t able to identify and AI generated women with their clothes being “erased” by the app.
In early September, a 404 Media reader also tipped me that Crushmate was advertising its services on Facebook Marketplace.
I’ve confirmed that all these ads lead to the same Crushmate service that will create nonconsensual nude images and offers some of its services via a subscription plan.
I’ve recently reported about Meta running ads that feature explicit nudity, including dozens of ads that are just close up images of vaginas. I’ve also reported repeatedly about “nudify” apps buying ads on Meta platforms. When we’ve flagged these ads to Meta in the past, they removed them. Meta has also removed associated Facebook pages that are buying the ads, but Crushmate has found an easy workaround that is clearly paying off: It creates multiple Facebook pages with AI-generated profile images that look like normal people, then buys ads promoting new, different URLs that redirect to to Crushmate.
Two of the fake Facebook profiles buying Crushmate ads.
Meta did not respond to specific questions about why it’s not detecting and removing the offending ads for featuring nonconsensual nudity. As I reported last week, extensive testing by AI Forensics, a European non-profit that investigates influential and opaque algorithms, found that nudity uploaded to Instagram and Facebook as a normal user was promptly removed for violating Meta’s Community Standards. The same exact visuals were not removed when they were uploaded as ads, showing that Meta has a different standard for enforcement when it’s getting paid to push images in front of users.
“Meta prohibits ads that promote adult sexual exploitation. We have removed the violating content, enforced against violating urls, and have taken action against the associated accounts and users,” a Facebook spokesperson told me in a statement. “This is a highly adversarial space and bad actors are constantly evolving their tactics to avoid enforcement, which is why we continue to invest in the best tools and technology to help identify and remove violating content.”
Meta removed the ads promoting the three Crushmate domains after Mantzarlis flagged them to the company. Around 230 of the same ads promoting a fourth Crushmate domain Mantzarlis found after reaching out for comment are still live on Meta’s platforms.
As we’ve previously reported, these nudify apps are some of the most harmful applications of generative AI because they make it so easy to create nonconsensual images of anyone. In the last two years, we’ve seen several examples of these apps being used by minors to create images of other minors. Last year, a survey found that 1 in 10 minors reported that their friends or classmates have used AI tools to generate nudes of other kids. As the Crushmate ads show, minors don’t need to go to the dark corners of the web in search of these tools. Meta is getting paid to popularize them.
A fun piece of Apple history has been revealed thanks to a look at how Sonos started and where it is headed. It turns out that ‘father of the iPod‘ Tony Fadell wanted Apple to buy the premium audio company.
Fadell tried to persuade Steve Jobs to do so, but Apple’s co-founder refused, saying that he instead wanted to sue the company …
more…
Honor’s flagship Magic 7 Pro launches in the UK and Europe today, powered by the Snapdragon 8 Elite and protected by top-tier water-resistance. It also features a high resolution 200 megapixel telephoto camera.
Arriving a week after the OnePlus 13 and a week before we expect to meet Samsung’s Galaxy S25 phones, the Magic 7 Pro is among the first phones to release outside of China with Qualcomm’s new chipset inside. That makes it one of the most powerful phones on the market, especially with 12GB of RAM. It also features a sizable 5,270mAh battery built around a silicon-carbon chemistry, allowing it to pack more energy into a smaller space with the Magic 7 Pro measuring just 8.8mm thick.
Much like the new OnePlus phone — and, unexpectedly, Motorola’s $299.99 Moto G Power, which launched in the US yesterday — the Magic 7 Pro is both IP68 and IP69-rated. That means that in addition to the usual protection from dust and submersion in water, it should survive exposure to steam and high-pressure water jets — ideal if you regularly use your phone in a jacuzzi, probably overkill for the rest of us.
/cdn.vox-cdn.com/uploads/chorus_asset/file/25832270/HONOR_Magic7_Pro_Gray_Side_Right_RGB_JPG_800x800.jpg)
Image: Honor
Also unusual is the phone’s 200 megapixel 3x periscopic camera. We’ve seen megapixel counts as high as this before, but mostly on main cameras, not zoom lenses — with the exception of Vivo’s X100 Ultra and X200 Pro. It’s bolstered by an AI Super Zoom feature that kicks in at 30x zoom for added clarity, with this and a few other camera AI modes using a combination of on-device and cloud-based large language models to fine-tune images.
There’s even more AI than that, since it ships with Android 15 and Google’s Gemini AI app, which Honor has bolstered with its own AI-powered takes on translation and notes apps.
The Magic 7 Pro launched in China last November, but this is its first appearance outside of the country. Honor is one of several Chinese smartphone manufacturers that saw growth in global market share in 2024, thanks in part to last year’s flagship Magic 6 series and the Magic V3, still the thinnest foldable phone available.
/cdn.vox-cdn.com/uploads/chorus_asset/file/25832274/left_img1.png)
Image: Honor
For its European launch the Pro is joined by the Magic 7 Lite, a midrange handset that uses the comparatively sluggish Snapdragon 6 Gen 1 chip and arrives still running Android 14. The selling point of that phone is its enormous 6,600mAh battery, which Honor claims will run for three days. There’s no sign of the regular Magic 7, which launched alongside the Pro in China.
The Magic 7 Pro is available to order now from honor.com starting at £1,099.99 / €1,299 (about $1,340), with major retailers and local carriers set to stock it too. The Magic 7 Lite is much cheaper at £399.99 / €369, and also available now.
A SpaceX Falcon 9 rocket lifted off from Cape Canaveral on Wednesday morning carrying two private lunar landers into orbit in support of NASA’s future Artemis landing crews. The Blue Ghost and Resilience landers, built by Texas-based Firefly Aerospace and Japan’s iSpace aerospace firms respectively, aim to provide data on the Moon’s environment and test technologies that will help to one day return astronauts to the lunar surface.
The SpaceX launch and private lander contracts are the latest to fall under NASA’s Commercial Lunar Payload Services (CLPS) initiative — the first phase of the Artemis moon exploration program that’s set to launch its first crewed mission in April 2026. Following the Falcon 9’s first stage successfully separating and touching down back on Earth after launch, Blue Ghost was delivered to a lunar transfer orbit by the rocket’s second stage about 65 minutes after liftoff, with Resilience being deployed about 30 minutes later.
Falcon 9 launches two lunar landers to the Moon for @Firefly_Space and @ispace_inc pic.twitter.com/Jrb8MZcycp
— SpaceX (@SpaceX) January 15, 2025
Blue Ghost Mission 1 will now spend approximately 45 days making its way to the Moon, where it’s then targeting to land near a volcanic feature within the 300-mile-wide Mare Crisium basin. There are 10 payloads from NASA-funded customers aboard the lander that will carry out a variety of environmental tests to study things like lunar dust, electric and magnetic fields, and satellite navigation signals.
/cdn.vox-cdn.com/uploads/chorus_asset/file/25832222/Blue_Ghost_Mission_1.jpg)
Image: Firefly Aerospace
Resilience has a longer journey ahead. Its more energy-efficient gravity-propelled route will take the lander about 4-5 months to land on the Moon’s surface. Once there, it has six commercial payloads to deploy, including a radiation probe, water electrolyzing equipment, food production experiments, and a camera-equipped “Micro Rover” that will collect lunar samples. The collected material will be “the sole property of NASA” for use under the Artemis program, but the agency hasn’t yet determined how the samples will be retrieved.
/cdn.vox-cdn.com/uploads/chorus_asset/file/25832221/ispace_m2_ms_us_Low_fix_241217_1200x675.jpg)
Image: iSpace
Both of the private landers will have a full lunar day (about two weeks) to conduct their research operations before the harsh cold of lunar night is expected to render them inoperable.
“This mission embodies the bold spirit of NASA’s Artemis campaign – a campaign driven by scientific exploration and discovery,” said NASA Deputy Administrator Pam Melroy. “Each flight we’re part of is [a] vital step in the larger blueprint to establish a responsible, sustained human presence at the Moon, Mars, and beyond. Each scientific instrument and technology demonstration brings us closer to realizing our vision.”
DJI has lifted its geofence that prevents users in the US from flying over restricted areas like nuclear power plants, airports and wildfires, the company wrote in a blog post on Monday. As of January 13th, areas previously called "restricted zones" or no-fly zones will be shown as "enhanced warning zones" that correspond to designated Federal Aviation Administration (FAA) areas. DJI's Fly app will display a warning about those areas but will no longer stop users from flying inside them, the company said.
In the article, DJI wrote that the "in-app alerts will notify operators flying near FAA designated controlled airspace, placing control back in the hands of the drone operators, in line with regulatory principles of the operator bearing final responsibility." It added that technologies like Remote ID [introduced after DJI implemented geofencing] gives authorities "the tools needed to enforce existing rules," DJI's global policy chief Adam Welsh told The Verge.
Still, the update is an odd one, given that DJI is already on shaky ground in the US and could be banned from selling its products stateside as early as next year. DJI's former head of policy, Brendon Schulman, criticized the move on Twitter in a series of posts. "There was substantial evidence over the years that automatic drone geofencing, implemented using a risk-based approach, contributed significantly to aviation safety," he wrote.
This is a remarkable shift in drone safety strategy with a potentially enormous impact, especially among drone pilots who are less aware of airspace restrictions and high-risk areas. https://t.co/YJOpe2gcZe
— Brendan Schulman (@dronelaws) January 14, 2025
There's also an issue with drones weighing less than 250 grams. Those models were previously geofenced via GEO in restricted areas to prevent inadvertent flight into restricted locations. However, the update will remove that geofencing, and Remote ID can be flicked off on those lightweight drones.
In fact, that's exactly what happened last week when sub-250-gram DJI model damaged the wing of a Canadair Super Scooper airplane fighting Los Angeles wildfires, putting it temporarily out of commission. That drone may not have been transmitting a remote ID, so FBI said it will need to use "investigative means" instead to find the pilot.
DJI first implemented the geofence (called GEO) around airports in 2013, and added new zones in 2015 and 2016, after a drone crash-landed on the White House lawn. It did this voluntarily, as the FAA only requires that operators are warned about restricted areas where flying is banned. Now, though, the onus will be 100 percent on the operator to keep out of no-fly zones.
"DJI reminds pilots to always ensure flights are conducted safely and in accordance with all local laws and regulations. For flights conducted in Enhanced Warning Zones, drone operators must obtain airspace authorization directly from the FAA and consult the FAA’s No Drone Zone resource for further information," it wrote.
This article originally appeared on Engadget at https://www.engadget.com/cameras/dji-will-no-longer-block-us-users-from-flying-drones-in-restricted-areas-130051778.html?src=rss©
© Steve Dent for Engadget
Hinge today launched a new AI-powered feature called “Prompt Feedback,” which aims to improve your dating profile by analyzing how you answer prompts and assessing if it needs to be more specific or authentic. Powered by OpenAI’s GPT-4o mini, Prompt Feedback evaluates each response and offers personalized advice tailored to help you share interesting details […]
© 2024 TechCrunch. All rights reserved. For personal use only.
We know from previous Apple patents that the company is hard at work figuring out ways of embedding Face ID in the display of future iPhones.
The biggest barrier here is that the infrared light needed for Face ID doesn’t travel well through a display – but a newly-granted Apple patent suggests that the company may have figured out a solution …
more…
