Nintendo Museum Opens In Kyoto - 1

Image from Freepik

Nintendo Museum Opens In Kyoto

  • Written by Kiara Fabbri Former Tech News Writer
  • Fact-Checked by Justyn Newman Former Lead Cybersecurity Editor

In a Rush? Here are the Quick Facts!

  • The Nintendo Museum opened in Uji City, Kyoto, on October 2, 2024.
  • Merchandise is limited to one item per customer in the gift shop.
  • Tickets sell out quickly via a lottery system, three months in advance.

The Nintendo Museum has officially opened its doors in Uji City, Kyoto, on October 2. Located in a renovated old factory complex, the interactive space is a dream come true for Nintendo enthusiasts.

The museum serves as a celebration of Nintendo’s evolution, showcasing a wide array of gaming consoles—from the iconic 1983 Famicom to the 2017 Switch—alongside beloved games that have defined generations, reports The Guardian (TG).

Visitors can also discover artifacts from Nintendo’s early days, including toys and playing cards, highlighting its origins as a hanafuda playing card manufacturer established in 1889, notes TG.

The downstairs area features interactive displays, including oversized controllers and floor-projected games that engage visitors in playful experiences, said TG.

Each guest receives virtual coins to explore interactive exhibits, while a hanafuda workshop allows attendees to craft their own Japanese playing cards, all situated above a cafe offering custom burgers, reports TG.

As reported by The Verge , the buzz around the Nintendo Museum extends beyond its exhibits to the exclusive merchandise available in the gift shop.

To manage demand, the museum announced on X that several items, including miniature controller keychain collections and neck straps, will be limited to one per customer.

This policy comes after some items, like a giant plush Wii Remote listed at $474 and a complete set of controller cushions for $1,399, appeared on resale sites like eBay with significant markups, as reported by The Verge.

The museum is situated on the former site of Nintendo’s manufacturing plant, which produced toys and playing cards until transitioning to a service center for console repairs until 2016, notes TG.

With a daily capacity of 2,000 visitors, tickets for the museum are in high demand and must be purchased in advance, as they are not available at the entrance. Visitors must register for a lottery on the museum’s website at least three months in advance, as reported by CNN .

This allows travelers to enter for visits starting no earlier than January, selecting up to three preferred dates and times. Winners will be notified two months before their visit, and tickets must be purchased immediately.

TG notes that the Nintendo museum adds to the growing trend of video game tourism in Japan, complementing attractions like Akihabara’s electronics shops and the Super Nintendo World theme park in Osaka.

As Japan looks to enhance its cultural exports, this museum stands as a tribute to Nintendo’s enduring impact on the gaming world.

Cyber Attackers Use Royal Mail Impersonation To Spread Ransomware - 2

Photo by rawpixel.com, From Freepik

Cyber Attackers Use Royal Mail Impersonation To Spread Ransomware

  • Written by Kiara Fabbri Former Tech News Writer
  • Fact-Checked by Justyn Newman Former Lead Cybersecurity Editor

In a Rush? Here are the Quick Facts!

  • Proofpoint revealed a ransomware campaign impersonating Royal Mail.
  • Ransom demand for decryption was $400 in Bitcoin.
  • Ransom designed for destruction rather than profit.

On Wednesday, Proofpoint researchers published a report uncovering a cyber campaign impersonating the British postal carrier, Royal Mail, to distribute Prince ransomware.

The Prince ransomware attack started with attackers impersonating Royal Mail, utilizing public contact forms on targeted organizations’ websites to send misleading emails. These emails contained a PDF that linked to a Dropbox-hosted ZIP file, luring victims into downloading it.

Inside the ZIP file was a second password-protected ZIP, along with a text file disclosing the password, which created a false sense of security for the victims.

Once opened, a shortcut file executed obfuscated JavaScript code that created several files in the system’s temporary directory. This code utilized PowerShell scripts to bypass security measures and establish persistence, running every 20 minutes while the computer was idle.

When the ransomware was executed, it encrypted victims’ files with a “.womp” extension and displayed a fake Windows Update splash screen to obscure its malicious activity.

A ransom note on the desktop demanded payment of 0.007 Bitcoins (around $400) for decryption. However, the analysis revealed that the ransomware had no decryption mechanism or data exfiltration capability, suggesting it was designed for destruction rather than profit.

Critically, there are no decryption mechanisms or capabilities for data exfiltration in this campaign, making it more destructive than typical ransomware. The lack of unique identifiers in the ransomware’s coding suggests that even if victims pay the ransom, there is no guarantee of file recovery.

Proofpoint did not attribute this malicious activity to any specific threat actor. The open-source nature of the Prince ransomware allows various actors to modify and deploy it freely. The creator, known as SecDbg, openly offers modifications for bypassing security measures, further complicating attribution efforts.

This incident underscores the evolving landscape of ransomware threats. Although such attacks typically do not originate directly from emails, the use of contact forms as a delivery method reflects a broader trend.

This is particularly concerning as postal services such as Royal Mail, UPS, and FedEx are regularly impersonated by malicious actors. Customers often receive fraudulent phone calls, text messages, and emails that seem to be official communications but are actually scams, as noted by The Record .

To help combat this issue, Royal Mail offers a useful list of common scams that exploit their brand .

Organizations are urged to train their employees to recognize suspicious communications and to report any anomalies to internal security teams. As cyber threats grow increasingly sophisticated, vigilance and education are key to preventing potential breaches.