News Posts matching "Monero"

Return to Keyword Browsing

Confessions of a Crypto Miner: CPU Mining

Welcome back to "Confessions of a Crypto Miner," my column about a crypto miner from 2013 trying to get caught up with the latest standards. I'm presently mining and reporting to you from a dual-GTX 1080 based rig mining zCash.
Today we are going to take a look at mining again - using the CPU in particular. CPU mining is the original form of mining cryptocoins.

Bitcoin's Lack of Wallet Privacy Leads Criminals to Look Towards Other Cryptos

"It is used for criminal, illegal activities" is one of the most oft-mentioned reasons for users to reject Bitcoin or other cryptocurrencies. However, it seems that this argument is losing weight as we speak when it comes to Bitcoin. In the wake of much increased interest and awareness regarding the fledgling, currently leading cryptocurrency, which has seen institutions and states renew their interest and attention towards regulation or stricter control of the virtual currency, users that would use Bitcoin for nefarious purposes have started to migrate to other cryptocurrencies. You see, the reality of a distributed, transparent ledger is great for a system's transparency; however, transparency and easily identifiable - and traceable - wallets and transactions go against criminals' interests. Law enforcement agencies, such as Europol, have already issued warnings and established protocols towards the adoption of software tools to monitor people using bitcoin. As such, criminals are looking towards other less "transparent" cryptos to use as escape routes for their criminal ways.

The most viable alternative for criminals has apparently been Monero, the cryptocurrency that has also been in the world's mouth because it's usually the one being mined in web browsers, absent of users' consent. Monero has been developed with privacy as a main design criteria from the start, encrypting the recipient's address on its blockchain and generating fake addresses, obfuscating the real sender, but going one step further by also obfuscating the amount of the transaction. This means Monero is currently "one of the favorites, if not the favorite" for usage in ransomware attacks, said Matt Suiche, founder of Dubai-based security firm Comae Technologies, said in a phone interview to Bloomberg.

Starbucks Wi-Fi Exploits Coffee Lovers' Devices for Cryptocoin Mining Operations

Nothing in life is free, not even the Wi-Fi at Starbucks cafes. That's something Noah Dinkin would discover eventually. While sipping his coffee at a Starbucks coffeehouse in Buenos Aires, the founder and CEO of stensul decided to log onto the Wi-Fi network to get some work done. To his surprise, there was an unusual delay before he was able to access the internet. Noah later found out that a malicious code was working behind the scenes to hijack customer's devices to mine Monero (XMR). He immediately reported the exploit to Starbucks via Twitter. Starbucks was unaware of the issue, but the company immediately contacted their internet provider to remove the code. To their defense, the Wi-Fi service is outsourced to a third-party provider, therefore, Starbucks doesn't own or control the Wi-Fi network. The company claims that this was an isolated case, and their other stores are safe.

Politifact Sees Unsactioned Introduction of Web Miner, Vows to Investigate

This here is an issue that this editor has been fearing for a while, and that we here at TPU have called our users' attention to in the past. It's bad enough when websites willingly implement web mining scripts absent of users' consent or simple knowledge. Opt-in mining as a contribution to a website's revenue would be the best way to go around the issue; however, absent that, a simple opt-out capability wouldn't be much worse. But if stealth usage of a site viewers' computing resources is bad, what then can be said when the site managers themselves are unaware of the implementation of a web miner?

This is what happened with Politifact, the US politics fact-checking website, which is but one of hundreds of the world's top traffic websites that have seen the stealth introduction of these web mining scripts - against the will of the site managers. In the meantime, Politifact has brought down the offending code and has vowed to investigate, but this opens up Pandora's box, really. Generally speaking, these JavaScript apps are running code hosted on another server that the end user - and sometimes even the site hosts - can't inspect or don't expect to have to inspect. And this is easier to do than one would imagine; there's a lack of protection against JavaScript routines like this one. And where there's potential for profit, there's abuse; and that's what we're seeing. It also doesn't help that injecting the necessary JavaScript into the front page of a website is much easier than a full blown hack into a website's databases; and once the code has been shoehorned into a website's code, it runs itself, hijacking users' CPU cycles and putting the resulting Monero coins into a designated wallet.

Pirate Bay Mines Coins in Your Browser - Revenue Model of the Future?

It has come into the limelight that popular torrenting website The Pirate Bay (TPB) has been running additional code on their site, which helped enable them to make use of a visitor's CPU in mining Monero (XMR, a cryptocurrency with added layers of anonymity when compared to Bitcoin). Now, I realize Torrenting (in particular, of copyright-protected material) is in itself a subject open to heated debate - but let's leave that discussion for another day. Today, I thought I'd focus on this mining act itself, on how TPB was secretly using your computing resources to stealthily mine cryptocurrency which they could then turn into additional revenue.

That this was done without the users' consent is clearly wrong. We as users are entitled to know what to expect from our system and from its usage of our resources - as seldom as we can claim that ability nowadays. That a site we are visiting is using our computing resources to generate additional revenue than the one it obtains from ads without, at the very least, being forthcoming about it (with the increased electricity costs that implies, however small) can be considered, at a minimum, distasteful. However, the discussion becomes much more interesting if we wonder what would have happened if users had, in fact, been warned. What does this mean for the future of web browsing, for revenue models - and for those pesky, flashy, little (or not so little) ads?
To our forum-lurkers: this article is marked as an Editorial
Return to Keyword Browsing