North Korea cybercriminals have executed a strategic pivot in their social engineering campaigns. They have stolen more than $300 million by impersonating trusted industry figures in fake video meetings.

The warning, detailed by MetaMask security researcher Taylor Monahan (known as Tayvano), outlines a sophisticated “long-con” targeting crypto executives.

How North Korea’s Fake Meetings Are Draining Crypto Wallets

According to Monahan, the campaign departs from recent attacks that relied on AI deepfakes.

Instead, it uses a more straightforward approach built on hijacked Telegram accounts and looped footage from real interviews.

🚨 WARNING (AGAIN)

DPRK threat actors are still rekting way too many of you via their fake Zoom / fake Teams meets.

They're taking over your Telegrams -> using them to rekt all your friends.

They've stolen over $300m via this method already.

Read this. Stop the cycle. 🙏 pic.twitter.com/tJTo9lkq0v

— Tay 💖 (@tayvano_) December 13, 2025

The attack typically starts after hackers seize control of a trusted Telegram account, often belonging to a venture capitalist or someone the victim previously met at a conference.

Then, the malicious attackers exploit prior chat history to appear legitimate, guiding the victim to a Zoom or Microsoft Teams video call via a disguised Calendly link.

Once the meeting starts, the victim sees what appears to be a live video feed of their contact. In reality, it is often a recycled recording from a podcast or public appearance.

The decisive moment typically follows a manufactured technical issue.

After citing audio or video problems, the attacker urges the victim to restore the connection by downloading a specific script or updating a software development kit, or SDK. The file delivered at that point contains the malicious payload.

Once installed, the malware—often a Remote Access Trojan (RAT)—grants the attacker total control.

It drains cryptocurrency wallets and exfiltrates sensitive data, including internal security protocols and Telegram session tokens, which are then used to target the next victim in the network.

Considering this, Monahan warned that this specific vector weaponizes professional courtesy.

The hackers rely on the psychological pressure of a “business meeting” to force a lapse in judgment, turning a routine troubleshooting request into a fatal security breach.

For industry participants, any request to download software during a call is now considered an active attack signal.

Meanwhile, this “fake meeting” strategy is part of a broader offensive by Democratic People’s Republic of Korea (DPRK) actors. They have stolen an estimated $2 billion from the sector over the past year, including the Bybit breach.

The post North Korea Hackers Steal $300 Million via Fake Zoom Meetings appeared first on BeInCrypto.

Cosmos Labs has opened an urgent search for external economists to redesign the ATOM token amid the digital asset’s price struggles.

According to the firm, the Cosmos SDK has become a widely used framework for launching blockchain networks. This includes projects tied to major enterprises and government initiatives often cited as evidence of “Fortune 500” interest.

Why Cosmos Wants to Overhaul ATOM’s Design

However, because the software is open source, those users can deploy independent, sovereign chains without paying fees or royalties to the Cosmos Hub.

As a result, these institutional builders can use the network’s core technology without holding or interacting with ATOM.

Request for Proposals: ATOM Tokenomics Research ⚛️

A tokenomics RFP invites qualified research firms to submit proposals to provide data-driven research supporting a redesign of ATOM’s economic model.

Applications are due January 15. Read more: https://t.co/96lGdAyCAI

— Cosmos Hub ⚛️ (@cosmoshub) December 12, 2025

The blockchain development firm wants to change this by promoting a new “revenue-driven model.” This approach would monetize both on-chain and off-chain usage.

“The goal of this research effort is not to design a new tokenomic model from first-principles, but rather to provide research and design support for a revenue-driven model that synergizes various sources of potential ATOM revenue with updates to ATOM’s supply dynamics and inflation schedule. Ultimately, ATOM’s utility will be driven by these fees, either in the form of ATOM buybacks, ATOM staking rewards, other mechanisms, or some combination thereof,” it stated.

Meanwhile, the initiative also marks a strategic pivot for the Cosmos ecosystem.

Cosmos Labs acknowledged that Interchain Security, the shared security framework once promoted as ATOM’s primary value driver, “failed to find product market fit.”

“Interchain Security is in the process of being deprecated, and the Hub’s economic architecture remains relatively detached from the broader activity of the Cosmos ecosystem. It lacks a comprehensive fee model today, outside of transaction fees occurring on the network,” the firm explained.

Consequently, this redesign effort points toward economic models closer to enterprise software norms, including consumption-based fees tied to usage rather than security rent.

However, implementing any proposal would face significant political constraints. Any material changes must be approved by the Cosmos Hub DAO, which has historically resisted measures viewed as centralizing.

Cosmos Labs referenced a previous proposal to reduce inflation that passed by a narrow 3% margin. The decision triggered a sharp withdrawal of staked assets, illustrating how sensitive token economics remain within the community.

Considering this, the firm stated that any successful proposal outlines potential revenue pathways, analyzes supply-side constraints, and offers practical guidance aligned with stakeholder interests. The RFP closes Jan. 15.

Meanwhile, this move comes as ATOM has fallen nearly 76% this year to a five-year low of around $2.1.

This price performance reflects a deep stress across the ecosystem, even as the Cosmos software stack has gained wider traction among blockchain developers and institutional pilots.

---

The post Cosmos Eyes ATOM Radical Redesign Amid Price Struggles appeared first on BeInCrypto.

Ethereum consensus client Prysm said validators missed out on 382 ETH, equivalent to more than $1 million, after a software bug triggered network disruptions shortly after the recent Fusaka upgrade.

The incident, detailed in a post-mortem titled “Fusaka Mainnet Prysm incident,” stemmed from a resource exhaustion event that affected nearly all Prysm nodes and led to missed blocks and attestations.

What Caused Prysm’s Outage?

According to Offchain Labs, the developer behind Prysm, the problem emerged on December 4 when a previously introduced bug caused delays in validator requests.

Those delays resulted in missed blocks and attestations across the network.

“Prysm beacon nodes received attestations from nodes that were possibly out of sync with the network. These attestations referenced a block root from the previous epoch,” the project explained.

The disruption led to 41 missed epochs, with 248 blocks missing out of 1,344 available slots. That represented an 18.5% missed slot rate and pushed overall network participation down to 75% during the incident.

Offchain Labs said the bug responsible for the behavior was introduced and deployed to testnets about a month earlier, before being triggered on mainnet following the Fusaka upgrade.

While a temporary mitigation reduced the immediate impact, Prysm said it has since implemented permanent changes to its attestation validation logic to prevent a recurrence.

Ethereum’s Client Diversity

Meanwhile, the outage has renewed scrutiny around Ethereum’s client concentration and the risks posed by software monocultures.

Offchain Labs said the outage could have had more severe consequences if Prysm had accounted for a larger share of Ethereum’s validator base. The firm pointed to Ethereum’s client diversity as a key factor in preventing a wider network failure.

“A client with more than 1/3rd of the network would have caused a temporary loss in finality and more missed blocks. A bug client with more than 2/3rd could finalize an invalid chain,” it stated.

Despite that mitigation, the incident has intensified calls for greater client diversity.

Data from Miga Labs show that Lighthouse remains the dominant Ethereum consensus client, accounting for 51.39% of validators. Prysm represents 19.06%, followed by Teku at 13.71% and Nimbus at 9.25%.

Lighthouse’s share places it roughly 15% points away from a threshold that some researchers view as a systemic risk.

As a result, developers and ecosystem participants have again urged validators to consider switching to alternative clients to reduce the likelihood that a single software flaw could disrupt the blockchain’s core operations.

The post Prysm Bug Cost Ethereum Validators Over $1 Million After Fusaka Upgrade appeared first on BeInCrypto.