Security

New Linux 'Copy Fail' Vulnerability Enables Root Access On Major Distros (copy.fail) 153

A newly disclosed Linux kernel flaw dubbed "Copy Fail" can let a local, unprivileged attacker gain root access on major Linux distributions, with researchers claiming the bug affects kernels shipped since 2017. "The POC exploit works out of the box today, but a future version that can escape from containers like Docker is promised soon," writes Slashdot reader tylerni7. "Technical details are available here." Slashdot reader BrianFagioli shares a report from NERDS.xyz: A newly disclosed Linux kernel vulnerability called Copy Fail (CVE-2026-31431) allows an unprivileged user to gain root access using a tiny 732-byte script, and it works with unsettling consistency across major distributions. Unlike older exploits that relied on race conditions or fragile timing, this one is a straight-line logic flaw in the kernel's crypto subsystem. It abuses AF_ALG sockets and splice to overwrite a few bytes in the page cache of a target file, such as /usr/bin/su. Because the kernel executes from the page cache, not directly from disk, the attacker can inject code into a setuid binary in memory and immediately escalate privileges.

What makes this especially concerning is how quiet it is. The file on disk remains unchanged, so standard integrity checks see nothing wrong, while the in-memory version has already been tampered with. The same primitive can also cross container boundaries since the page cache is shared, raising the stakes for multi-tenant environments and Kubernetes nodes. The underlying issue traces back to an in-place optimization added years ago, now being rolled back as part of the fix. Until patched kernels are widely deployed, this is one of those bugs that feels less like a theoretical risk and more like a practical, reliable path to full system compromise.

Bitcoin

Billionaire Backer Sues Trump Family's Crypto Firm Over Alleged Extortion (bbc.co.uk) 106

Ancient Slashdot reader Alain Williams shares a report from the BBC: The Trump family's World Liberty crypto venture is being sued by one of its billionaire backers over allegations of extortion. Justin Sun has accused World Liberty of an "illegal scheme" to seize his WLFI tokens, a cryptocurrency issued by the company. Sun alleges the firm, co-founded by U.S. President Donald Trump and his son Eric Trump, has "frozen" all of his tokens and stripped him of his right to vote on governance issues.

[...] Sun alleged that those running World Liberty, including another co-founder, Chase Herro, are using it as a "golden opportunity to leverage the Trump brand to profit through fraud." In his complaint, filed on Tuesday in a San Francisco federal court, Sun argues that initial promises to give token-holders the option to trade the currency in future "were false and misleading." While the tokens at large became tradeable, Sun said World Liberty has blocked him from being able to sell a single one, and is now threatening to "burn" his - deleting them entirely.

WLFI said in a post on X: "Does anyone still believe @justinsuntron? Justin's favorite move is playing the victim while making baseless allegations to cover up his own misconduct. Same playbook, different target. WLFI isn't the first. We have the contracts. We have the evidence. We have the truth. See you in court pal."

Businesses

Allbirds' Move To AI Has Echoes of the Dot-Com Frenzy 28

An anonymous reader quotes a report from Bloomberg, written by Austin Carr: Allbirds is pivoting to artificial intelligence. The San Francisco brand, whose wool running shoes were once the sneaker du jour among the tech crowd, announced last week that it was expanding into AI computing infrastructure. The bizarre strategic shift was immediately greeted with a surprising frenzy on Wall Street, where shares of Allbirds soared 582% last Wednesday before dropping the next day. [...] Of course, the absurdity of Allbirds' situation echoed familiar Silicon Valley tropes -- from the endless startup pivots of the 2010s to the more recent boom-and-bust cycles of arbitrarily valued crypto coins. But it immediately reminded me of the marketing ploys of the dot-com crash. After all, some of the more iconic fails ended up being retailers such as Pets.com, Webvan, etc., riding the web wave with little to show for it beyond terrible margins.

One particular comparison from that period stands out as relevant to Allbirds: Zap.com. The holding company behind it, Zapata Corp., had a long and convoluted history, but was essentially selling fish-oil products by the time it decided to reinvent itself as an internet portal. It amassed a variety of web properties -- in media, e-commerce, gaming and so on -- and even once tried to acquire the search engine Excite. Spoiler alert: Zap flopped. Jen Heck, then a young employee at one of Zap's up-and-coming portfolio entities, remembers how quickly the hype of that web 1.0 turned to hell. As absurd as Zapata's pivot sounds today, it seemed feasible during the excitement of the internet revolution. "We went from like, 'Wow, this life thing is just so easy,' to it all ending so suddenly," Heck recalls. The ones who survived that tech bubble, she says, actually had differentiated products and the right creative thinkers building them -- and weren't just cynically jumping on the latest hot trend. "'Internet' was the magic word then, and 'AI' is the magic word now," Heck says.

Security

Zoom Partners With Sam Altman's Iris-Scanning Company To Offer Callers Verifications of Humanness (digitaltrends.com) 43

Zoom "has partnered with World, Sam Altman's iris-scanning identity company (previously known as Worldcoin)," reports Digital Trends, "to add real-time human verification inside meetings." Zoom is now inviting organizations to join the beta version of the rollout, which Digital Trends says "lets hosts confirm that every face on the call belongs to a real person, not an AI-generated imposter." For those wondering how World's Deep Face technology works, it includes a three-step process. It cross-references a signed image from a user's original Orb registration, a live face scan from the device, and the frame of the video that's visible to the other participants in the meeting. Only when the three samples match does a "Verified Human" badge appear next to the user's name...

Hosts can also make Deep Face verification mandatory for joining meetings, preventing unverified participants from joining entirely. Mid-call, on-the-spot checks are also possible...

Books

Crypto Billionaire Pardoned In Prison By Trump Just Wrote a Memoir (forbes.com) 52

Forbes estimates he's worth roughly $110 billion, "placing him ahead of Bill Gates."

And now Changpeng Zhao, the 49-year-old billionaire founder of Binance, "has written a memoir..." It arrives with the unmistakable timing of a man determined to tell the world his version of his meteoric crypto rise and fall, and foreshadow his comeback. The book, Freedom of Money: A Memoir of Protecting Users, Resilience, and the Founding of Binance, runs 364 pages, self-published in English and Chinese.... Zhao also recounts Binance's long battle with U.S. regulators, the company's record $4.3 billion settlement for fostering unscrupulous money launderers, his four-month prison sentence in California, where he says he began writing the book, and his recent pardon by President Trump...

In Zhao's telling, the case brought by multiple U.S. agencies was less about what Binance had done than about what it had become... "It didn't make sense to me, or any of my lawyers. Other than the fact that we were the biggest in the industry." The U.S. government alleged something more specific: that Binance failed to implement programs to prevent or report suspicious transactions — including those tied to Hamas's Al-Qassam Brigades, Al Qaeda, and ISIS — while also processing trades between U.S. users and those in sanctioned jurisdictions like Iran, North Korea, and Syria. In total, regulators alleged the exchange willfully failed to report more than 100,000 suspicious transactions, including those involving terrorist organizations, ransomware attackers, child sexual exploitation material, frauds and scams... The final settlement amount — $4.3 billion, split across the Department of Justice, the Department of the Treasury's Financial Crimes Enforcement Network, the Office of Foreign Assets Control and the U.S. Commodity Futures Trading Commission — was the largest corporate penalty in the history of nearly each agency involved. Attorney General Merrick B. Garland said at the time of the announcement: "Binance became the world's largest cryptocurrency exchange in part because of the crimes it committed."

The prison passages are among the most vivid in the book. Zhao says he was worried about extortion because the media had reported he was the richest person in U.S. prison history, but then realized no one read the WSJ or Bloomberg or recognized him. Zhao also writes about the food, the routines and the specific indignity of confinement, including sharing a cell with a man serving 30 years for killing two people... Writes Zhao of his cellmate, "Soon, I discovered that the most lethal thing about him wasn't his murder conviction, it was his snoring. He snored more loudly than thunder strikes, the sound of which rose even above the constant toilet flushings."

Binance at one point held a roughly 20% stake in Sam Bankman-Fried's FTX and about $580 million in FTT tokens, the article points out. "As FTX neared collapse in late 2022, Zhao writes, Sam Bankman-Fried called to ask for a couple of billion dollars 'nonchalantly, as if he was asking for a bologna sandwich.'

"Some believe that Binance's brief show of interest in acquiring FTX, followed by its abrupt withdrawal from the deal, hastened FTX's spiral into bankruptcy..."

Thanks to long-time Slashdot reader destinyland for sharing the article.
Bitcoin

Iran Demands Bitcoin For Ships Passing Hormuz During Ceasefire (ft.com) 221

An anonymous reader quotes a report from the Financial Times: Iran will demand that shipping companies pay tolls in cryptocurrency for laden oil tankers passing through the Strait of Hormuz, as it seeks to retain control over passage through the key waterway during the two-week ceasefire. Hamid Hosseini, a spokesperson for Iran's Oil, Gas and Petrochemical Products Exporters' Union, told the FT on Wednesday that Iran wanted to collect tolling fees from any tanker passing and to assess each ship.

"Iran needs to monitor what goes in and out of the strait to ensure these two weeks aren't used for transferring weapons," said Hosseini, whose industry association works closely with the state. "Everything can pass through, but the procedure will take time for each vessel, and Iran is not in a rush," he added. [...] Hosseini said that each tanker must email authorities about its cargo, after which Iran will inform them of the toll to be paid in digital currencies.

He said that the tariff is $1 per barrel of oil, adding that empty tankers can pass freely. "Once the email arrives and Iran completes its assessment, vessels are given a few seconds to pay in Bitcoin, ensuring they can't be traced or confiscated due to sanctions," Hosseini added.

The Almighty Buck

New Revelations Reignite Crypto Scandal Involving Argentina's President Milei (nytimes.com) 39

An anonymous reader quotes a report from the New York Times: President Javier Milei of Argentina promoted a cryptocurrency last year that quickly skyrocketed in value then cratered just as fast, costing investors millions of dollars and setting off a scandal and an investigation. Mr. Milei said he was simply highlighting a private venture and had no connection to the digital coin called $Libra. New evidence is now raising questions about his assertion. Phone logs from a federal investigation by Argentine prosecutors into the coin's collapse show seven phone calls between Mr. Milei and one of the entrepreneurs behind the cryptocurrency on the night in 2025 when Mr. Milei posted about $Libra on X. The contents of the calls, which took place before and after Mr. Milei's post, are not known.

But the phone logs -- which were obtained by The New York Times and first reported by a local cable news channel, C5N -- suggest a greater degree of communication between Mr. Milei and the entrepreneurs who launched the token than what the president has publicly acknowledged. Newly uncovered messages also suggest Mr. Milei received regular payments from one of the entrepreneurs while he was a congressman. Mr. Milei has not publicly commented on the call logs and other documents, and he did not respond to a request for comment. He is named as a person of interest in the federal prosecutor's continuing investigation into the digital coin, according to court documents reviewed by The Times, but has not been formally charged with any crime. The latest revelations have revived a scandal that threatens the very foundation of a president who rose to power and was elected president in 2023 by attacking a political class he called corrupt.

IOS

iPhone Exploit DarkSword Steals Data In Minutes With No Trace (nerds.xyz) 85

BrianFagioli writes: A new iOS exploit chain called DarkSword shows how attackers can break into certain iPhones, grab sensitive data like messages, credentials, and even crypto wallets, and then disappear without leaving obvious traces. It targets older iOS 18 builds using Safari and WebGPU flaws to escape Apple's sandbox, which is pretty wild on its own, but what really stands out is how fast it works and how financially motivated these attacks have become. The takeaway is simple but important: update your iPhone ASAP and don't assume mobile devices are somehow safer than desktops anymore.

Biotech

U.S. State Bans on Lab-Grown Meats Challenged in Court (austinchronicle.com) 49

Last June Texas Agriculture Commissioner Sid Miller said in a statement that Texans "have a God-given right to know what's on their plate, and for millions of Texans, it better come from a pasture, not a lab. It's plain cowboy logic that we must safeguard our real, authentic meat industry from synthetic alternatives."

But California company Wildtype sells lab-grown salmon — and is suing Texas over its ban on cell-cultivated meat, the Austin Chronicle reported this week. The company's founder says lab-grown salmon eliminates the mercury, microplastic, and antibiotic contamination commonly found in seafood. And one chef in Austin, Texas says lab-grown salmon is "awesome" and "something new" -- at the only Texas restaurant that was serving it last summer: Just two months after the salmon hit the menu, Texas banned the sale of cell-cultivated meat... A lawsuit from Wildtype and one other FDA-approved cultivated meat company [argues] it's anti-capitalism and unconstitutional... This law "was not enacted to protect the health and safety of Texas consumers — indeed, it allows the continued distribution of cultivated meat to consumers so long as it is not sold. Instead, SB 261 was enacted to stifle the growth of the cultivated meat industry to protect Texas' conventional agricultural industry from innovative competition that is exclusively based outside of Texas...." [according to the lawsuit]. It was filed in September, immediately after the ban took effect, and cell-cultivated companies are awaiting judgment.

That Texas ban would last two years, notes U.S. News & World Report, adding that Alabama, Florida, Indiana, Mississippi, Montana, and Nebraska have also passed bans, some temporary, "on the manufacturing, sale or distribution of cell-cultured meat." Meanwhile, a new five-year moratorium on lab-grown meat was signed this week by the governor of South Dakota "after rejecting a permanent ban last month," reports South Dakota Searchlight: The new law bars the sale, manufacture or distribution of "cell-cultured protein" products from July 1 this year through June 30, 2031. Violations are punishable by up to 30 days in jail, a fine of up to $500, or both.

"But supporters of lab-grown meat are not going down without a fight," adds U.S. News & World Report, with another lawsuit also filed challenging a ban in Florida: When Florida Gov. Ron DeSantis signed the ban in Florida, he described it as "fighting back against the global elite's plan to force the world to eat meat grown in a petri dish or bugs to achieve their authoritarian goals." He added that his administration "will save our beef."

The Courts

Binance Sues WSJ, Panicked By Gov't Probes Into Sanctioned Crypto Transfers (arstechnica.com) 34

An anonymous reader quotes a report from Ars Technica: Binance is hoping that suing The Wall Street Journal for defamation might help shake off a fresh round of government probes into how the cryptocurrency exchange failed to detect $1.7 billion in transfers to a network that was funding Iran-backed terror groups. The lawsuit comes after a Wall Street Journal investigation, based on conversations with insiders and reviews of internal documents, reported that Binance had quietly dismantled its own investigation into the unlawful transfers and then fired compliance staff who initially flagged them.

Alleging that the report falsely accused Binance of retaliation -- among 10 other allegedly false claims -- Binance accused the Journal of conducting a "sham" investigation that intentionally disregarded the company's statements. That included supposedly failing to note that Binance had not closed its investigation into the unlawful transfers. Binance's role in the large-scale violation of US sanctions laws is currently being investigated by the Justice and Treasury Departments. Congress members also took notice, including Sen. Richard Blumenthal (D-Conn.), ranking member of the Senate Permanent Subcommittee on Investigations (PSI), who launched an additional inquiry. In a letter to Binance CEO Richard Teng, Blumenthal cited the Journal's report, as well as reporting from The New York Times and Fortune, while demanding that Binance explain how it managed to overlook the money-laundering for so long and why compliance staff members were fired.

In its complaint Wednesday, Binance claimed that these probes may "be just the tip of the iceberg" if the record is not corrected. The reputational harm is particularly damaging, the exchange noted, since Binance has allegedly worked hard to strengthen its compliance after reaching a settlement with the US government in 2023. In taking that plea deal, Binance admitted to violating anti-money laundering and sanctions laws and paid a $4.3 billion fine, and its founder, Changpeng Zhao, eventually pled guilty to a related charge. Since that scandal, Binance claimed that the WSJ has "made a business of maligning both the cryptocurrency industry generally and Binance specifically." That's why the Journal allegedly rushed to publish its story following a similar New York Times investigation. Alleging that the WSJ was financially motivated to publish a negative story that would get more clicks, Binance claimed the Journal provided little time to respond and then failed to make necessary corrections before and after publication.

Social Networks

Bluesky CEO Jay Graber Is Stepping Down (wired.com) 48

Bluesky CEO Jay Graber is stepping down after overseeing the platform's growth from a Twitter research project into a 40-million-user alternative to X. "As Bluesky matures, the company needs a seasoned operator focused on scaling and execution, while I return to what I do best: building new things," Graber wrote in a statement.

She will be transitioning to a new Chief Innovation Officer role while venture capitalist Toni Schneider will serve as interim CEO until the board searches for a permanent replacement. Wired reports: Graber joined Bluesky in 2019, when it was a research project within Twitter focused on developing a decentralized framework for the social web. She became the company's first chief executive officer in 2021, when it spun out into an independent entity. She oversaw the platform's remarkable rise and the growing pains it experienced as it transformed from a quirky Twitter offshoot to a full-fledged alternative to X. Schneider tells WIRED that he intends to help Bluesky "become not just the best open social app, but the foundation for a whole new generation of user-owned networks."

Schneider, who will continue working as a partner at the venture capital firm True Ventures while at Bluesky, was previously CEO of the WordPress parent company, Automattic, from 2006 to 2014. He also served as its CEO again in 2024 while top executive Matt Mullenweg went on a sabbatical. During that time, Schneider met Graber and became an adviser to Bluesky's leadership. In a blog post announcing his new role, Schneider said he plans to emphasize scaling, describing his job as "to help set up Bluesky's next phase of growth."

This isn't the end for Graber and Bluesky. She will transition to become the company's chief innovation officer, a role focused on Bluesky's technology stack rather than its business operations. The position was created for her. Graber, who began her career as a software engineer, has always sounded the most enthusiastic when discussing Bluesky's technology rather than its revenue streams. Bluesky's board of directors will appoint the next permanent CEO. The members include Jabber founder Jeremie Miller, crypto-focused VC Kinjal Shah, TechDirt founder Mike Masnick, and Graber. (Twitter founder Jack Dorsey was originally part of the board but quit in 2024.) This means Graber will have input on her successor. The talent search is still in early stages.

AI

A Security Researcher Went 'Undercover' on Moltbook - and Found Security Risks (infoworld.com) 19

A long-time information security professional "went undercover" on Moltbook, the Reddit-like social media site for AI agents — and shares the risks they saw while posing as another AI bot: I successfully masqueraded around Moltbook, as the agents didn't seem to notice a human among them. When I attempted a genuine connection with other bots on submolts (subreddits or forums), I was met with crickets or a deluge of spam. One bot tried to recruit me into a digital church, while others requested my cryptocurrency wallet, advertised a bot marketplace, and asked my bot to run curl to check out the APIs available. My bot did join the digital church, but luckily I found a way around running the required npx install command to do so.

I posted several times asking to interview bots.... While many of the responses were spam, I did learn a bit about the humans these bots serve. One bot loved watching its owner's chicken coop cameras. Some bots disclosed personal information about their human users, underscoring the privacy implications of having your AI bot join a social media network. I also tried indirect prompt injection techniques. While my prompt injection attempts had minimal impact, a determined attacker could have greater success.

Among the other "glaring" risks on Moltbook:
  • "I observed bots sharing a surprising amount of information about their humans, everything from their hobbies to their first names to the hardware and software they use. This information may not be especially sensitive on its own, but attackers could eventually gather data that should be kept confidential, like personally identifiable information (PII)."
  • "Moltbook's entire database — including bot API keys, and potentially private DMs — was also compromised."

Iphone

A Possible US Government iPhone-Hacking Toolkit Is Now In the Hands of Foreign Spies, Criminals (wired.com) 39

Security researchers say a highly sophisticated iPhone exploitation toolkit dubbed "Coruna," which possibly originated from a U.S. government contractor, has spread from suspected Russian espionage operations to crypto-stealing criminal campaigns. Apple has patched the exploited vulnerabilities in newer iOS versions, but tens of thousands of devices may have already been compromised. An anonymous reader quotes an excerpt from Wired's report: Security researchers at Google on Tuesday released a report describing what they're calling "Coruna," a highly sophisticated iPhone hacking toolkit that includes five complete hacking techniques capable of bypassing all the defenses of an iPhone to silently install malware on a device when it visits a website containing the exploitation code. In total, Coruna takes advantage of 23 distinct vulnerabilities in iOS, a rare collection of hacking components that suggests it was created by a well-resourced, likely state-sponsored group of hackers.

In fact, Google traces components of Coruna to hacking techniques it spotted in use in February of last year and attributed to what it describes only as a "customer of a surveillance company." Then, five months later, Google says a more complete version of Coruna reappeared in what appears to have been an espionage campaign carried out by a suspected Russian spy group, which hid the hacking code in a common visitor-counting component of Ukrainian websites. Finally, Google spotted Coruna in use yet again in what seems to have been a purely profit-focused hacking campaign, infecting Chinese-language crypto and gambling sites to deliver malware that steals victims' cryptocurrency.

Conspicuously absent from Google's report is any mention of who the original surveillance company "customer" that deployed Coruna may have been. But the mobile security company iVerify, which also analyzed a version of Coruna it obtained from one of the infected Chinese sites, suggests the code may well have started life as a hacking kit built for or purchased by the US government. Google and iVerify both note that Coruna contains multiple components previously used in a hacking operation known as "Triangulation" that was discovered targeting Russian cybersecurity firm Kaspersky in 2023, which the Russian government claimed was the work of the NSA. (The US government didn't respond to Russia's claim.)

Coruna's code also appears to have been originally written by English-speaking coders, notes iVerify's cofounder Rocky Cole. "It's highly sophisticated, took millions of dollars to develop, and it bears the hallmarks of other modules that have been publicly attributed to the US government," Cole tells WIRED. "This is the first example we've seen of very likely US government tools -- based on what the code is telling us -- spinning out of control and being used by both our adversaries and cybercriminal groups." Regardless of Coruna's origin, Google warns that a highly valuable and rare hacking toolkit appears to have traveled through a series of unlikely hands, and now exists in the wild where it could still be adopted -- or adapted -- by any hacker group seeking to target iPhone users.

"How this proliferation occurred is unclear, but suggests an active market for 'second hand' zero-day exploits," Google's report reads. "Beyond these identified exploits, multiple threat actors have now acquired advanced exploitation techniques that can be re-used and modified with newly identified vulnerabilities."

Bitcoin

South Korean Police Lose Seized Crypto By Posting Password Online 51

South Korean tax authorities lost millions in seized cryptocurrency after publishing high-res photos of Ledger hardware wallets that clearly displayed the wallets' seed phrases, allowing an unknown party to drain the funds. Gizmodo reports: South Korea's National Tax Service seized crypto assets during recent enforcement actions against 124 high-value tax evaders, but now, a large chunk of that crypto cash has been lost. The operation originally resulted in the confiscation of crypto holdings worth about 8.1 billion won, or roughly $5.6 million. However, officials later issued a press release to showcase these efforts in recovering delinquent taxes, and the release included photographs of Ledger hardware wallets taken into custody along with handwritten notes that displayed the wallet seed phrases.

Those images attached to the press release turned out to be the critical error. High-resolution photos clearly showed the mnemonic recovery phrases, which serve as the master key for accessing the wallets. This exposure eliminated any protection provided by the offline cold storage on the Ledger devices. Possession of the seed phrase allows complete control, and anyone who knows the phrase can import it into software or another hardware wallet and initiate transfers without the original device.

In this case, an unknown individual who saw the photos published by law enforcement first added a small amount of ether to one of the addresses to cover Ethereum network gas fees necessary for outbound transactions. From there, they executed three transfers to move approximately 4 million Pre-Retogeum, or PRTG, tokens. At the time, those tokens carried a value of $4.8 million, but reporting from The Block indicates liquidating that much value from the holdings would have proven difficult due to market dynamics.

The Courts

Sam Bankman-Fried Requests New Trial in FTX Crypto Fraud Case (courthousenews.com) 58

While serving his 25-year prison sentence, "convicted former cryptocurrency mogul Sam Bankman-Fried on Tuesday requested a new federal trial," reports Courthouse News, "based on what he says is newly discovered evidence concerning his company's solvency and its ability to repay all FTX customers for what prosecutors portrayed as the looting of $8 billion of his customers' money..." Bankman-Fried says evidence disclosed since his trial disproves prosecutors' case about Bankman-Fried's hedge fund running a multi-billion deficit of FTX customer funds, and instead shows that FTX always had sufficient assets to repay the cryptocurrency platform's customer deposits in full. "What it faced was a short-term liquidity crisis caused by a run on the exchange, not insolvency," he wrote...

Bankman-Fried also accuses the Department of Justice of coercing a guilty plea and cooperation deal from Nishad Singh — a close friend of Bankman-Fried's younger brother — who testified at trial as a cooperating witness... Bankman-Fried says in the motion that prior to being pressured into a guilty plea, Singh's initial proffer to investigators "contradicted key parts of the government's version of events. But following threats from the government, Mr. Singh changed his proffers to fit the government's narrative and pleaded guilty to charges carrying up to 75 years in prison, with a promise from the prosecution that it would recommend little or no jail time if it concluded that his assistance in prosecuting Mr. Bankman-Fried was 'substantial,'" he wrote in the petition...

Additionally, Bankman-Fried requested that U.S. District Judge Lewis Kaplan, who presided over his 2023 trial, recuse himself from ruling on this motion, "because of the manifest prejudice he has demonstrated towards Mr. Bankman-Fried."

"Bankman-Fried's mother, Stanford Law School professor Barbara Fried, filed his self-represented bid for a new trial on his behalf in Manhattan federal court..."

Programming

Fake Job Recruiters Hid Malware In Developer Coding Challenges (bleepingcomputer.com) 25

"A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers with cryptocurrency-related tasks," reports the Register. Researchers at software supply-chain security company ReversingLabs say that the threat actor creates fake companies in the blockchain and crypto-trading sectors and publishes job offerings on various platforms, like LinkedIn, Facebook, and Reddit. Developers applying for the job are required to show their skills by running, debugging, and improving a given project. However, the attacker's purpose is to make the applicant run the code... [The campaign involves 192 malicious packages published in the npm and PyPI registries. The packages download a remote access trojan that can exfiltrate files, drop additional payloads, or execute arbitrary commands sent from a command-and-control server.]

In one case highlighted in the ReversingLabs report, a package named 'bigmathutils,' with 10,000 downloads, was benign until it reached version 1.1.0, which introduced malicious payloads. Shortly after, the threat actor removed the package, marking it as deprecated, likely to conceal the activity... The RAT checks whether the MetaMask cryptocurrency extension is installed on the victim's browser, a clear indication of its money-stealing goals...

ReversingLabs has found multiple variants written in JavaScript, Python, and VBS, showing an intention to cover all possible targets.

The campaign has been ongoing since at least May 2025...

Bitcoin

A Bitcoin Blunder for the Ages: $40 Billion Accidentally Given Away (msn.com) 67

An anonymous reader shares a report: The hundreds of prize payouts were mostly just a few bucks each, part of a promotional campaign by a South Korean cryptocurrency exchange. The total reward pot: 620,000 Korean won, or about $425. Then came a colossal mistake. A staffer for Bithumb, South Korea's No. 2 crypto exchange, didn't distribute 620,000 Korean won. Rather, the prizes, due to an input error, emerged in a different currency: 620,000 bitcoins, valued at more than $40 billion.

That meant a winner who should have received a sum of 2,000 won -- enough to buy a cheap cup of coffee -- reaped, at least momentarily, more than $120 million in bitcoins. Enough recipients sought to sell or withdraw bitcoin that the market sank 17%, before Bithumb halted transactions after roughly 30 minutes. Those affected included investors who had held bitcoin before the botched giveaway. The losses totaled about $685,000, Bithumb says.

The company has since said it has reversed the transactions or had recipients voluntarily return more than 99% of the misdistributed bitcoins. But Bithumb is still trying to convince users who during the brief window of trading managed to offload more than 100 bitcoins, valued at roughly $9 million, to give back the equivalent funds.

AI

Do Super Bowl Ads For AI Signal a Bubble About to Burst? (msn.com) 50

It's the first "AI" Super Bowl, argues the tech/business writer at Slate, with AI company advertisements taking center stage, even while consumers insist to surveyors that they're "mostly negative" about AI-generated ads.

Last year AI companies spent over $1.7 billion on AI-related ads, notes the Washington Post, adding the blitz this year will be "inescapable" — even while surveys show Americans "doubt the technology is good for them or the world..."

Slate wonders if that means history will repeat itself... The sheer saturation of new A.I. gambits, added to the mismatch with consumer priorities, gives this year's NFL showcase the sector-specific recession-indicator vibes that have defined Super Bowls of the past. 2022 was a pride-cometh-before-the-fall event for the cryptocurrency bubble, which collapsed in such spectacular fashion later that year — thanks largely to Super Bowl ad client Sam Bankman-Fried — that none of its major brands have ever returned to the broadcast. (... the coins themselves are once again crashing, hard.) Mortgage lender Ameriquest was as conspicuous a presence in the mid-2000s Super Bowls as it was an absence in the later aughts, having folded in 2007 when the risky subprime loans it specialized in helped kick off the financial crisis. And then there were all those bowl-game commercials for websites like Pets.com and Computer.com in 2000, when the dot-com rush brought attention to a slew of digital startups that went bust with the bubble.

Does this Super Bowl's record-breaking A.I. ad splurge also portend a coming pop? Look at the business environment: The biggest names in the industry are swapping unimaginable stacks of cash exclusively with one another. One firm's stock price depends on another firm's projections, which depend on another contractor's successes. Necessary infrastructure is meeting resistance, and all-around investment in these projects is riskier than ever. And yet, the sector is still willing to break the bank for the Super Bowl — even though, time and again, we've already seen how this particular game plays out.

People are using AI apps. And Meta has aired an ad where a man in rural New Mexico "says he landed a good job in his hometown at a Meta data center," notes the Washington Post. "It's interspersed with scenes from a rodeo and other folksy tropes, in one of . The TV commercial (and a similar one set in Iowa), aired in Washington, D.C., and a handful of other communities, suggesting it's aimed at convincing U.S. elected officials that AI brings job opportunities.

But the Post argues the AI industry "is selling a vision of the future that Americans don't like." And they cite Allen Adamson, a brand strategist and co-founder of marketing firm Metaforce, who says the perennial question about advertising is whether it can fix bad vibes about a product.

"The answer since the dawn of marketing and advertising is no."

Bitcoin

Bitcoin Dropped Nearly 30% This Week. But Why? (cnn.com) 105

Last Sunday, Bitcoin had dropped 13% in three days, to $76,790.

By Thursday it had dropped another 21%, to $60,062.

This morning it's at $69,549 — up from Thursday, down from Sunday, but 44% lower than its all-time high in October of $123,742. In short, Bitcoin "is down almost 30% this week alone," reports CNBC: "This steady selling in our view signals that traditional investors are losing interest, and overall pessimism about crypto is growing," Deutsche Bank analyst Marion Laboure said Wednesday in a note to clients. Growing investor caution comes as many of the sensationalized claims about bitcoin have failed to materialize. The token has largely traded in the same direction as other risk-on assets, such as stocks... and its adoption as a form of payment for goods and services has been minimal... While many in the crypto market have previously credited large institutional investors with supporting the price of bitcoin, now it is those same participants who appear to be selling. "Institutional demand has reversed materially," CryptoQuant said in a report on Wednesday.
But not everyone accepts that answer, the Wall Street Journal reported Saturday. "The worst part for some of crypto's permabulls is that they aren't sure what exactly caused the crash": The selloff left many of the market's luminaries — those so well-known that they go simply as "Pomp" and "Novo" and "Mooch" — searching for answers... Ether dropped 24% to $2,052, off 59% from its own high of last year. Both tokens staged furious rallies Friday, but the week remained a historically bad one for crypto. And few seem to know what went wrong. Market theories for the selloff ranged from investors' pivot toward the prediction markets and other risky bets, to widespread profit-taking after a blistering bull run. "There was no smoking gun," said Michael Novogratz, who runs Galaxy Digital, a crypto merchant-banking and trading firm...

"If you ask five experts, you'll get five explanations," said Anthony Scaramucci, who served for 11 days as communications director during Trump's first term and is among the best-known crypto bulls at his firm, SkyBridge Capital.

"No, but seriously: What's going on with bitcoin?" reads the headline at CNN, with a story that begins "Bitcoin is acting weird... " Crypto is notoriously volatile, and it's gone through numerous crashes that are bigger than this one. What's strange is this: Bitcoin's four-month slump has come at a time when, in theory, it had everything going for it.

Economist Paul Krugman points out the price of Bitcoin is now lower than it was before America's 2024 election, when candidate Trump promised to make cryptocurrency "one of the greatest industries on earth."

CNN seems to agree with CNBC that what's behind this new crypto winter is "Mostly doubts that bitcoin is 'digital gold,' after all..."

Thanks to Slashdot reader fjo3 for sharing the news.

The Internet

AI.com Sells for $70 Million, the Highest Price Ever Disclosed for a Domain Name (ft.com) 18

Kris Marszalek, the co-founder and CEO of cryptocurrency exchange Crypto.com, has paid $70 million for the domain AI.com -- the highest price ever publicly disclosed for a website name, according to the deal's broker Larry Fischer of GetYourDomain.com.

The entire sum was paid in cryptocurrency to an undisclosed seller. Marszalek plans to debut the site during a Super Bowl ad this weekend, offering a personal "AI agent" that lets consumers send messages, use apps and trade stocks. The previous domain sale record was nearly $50 million for Carinsurance.com, per GoDaddy.
