News Posts matching #Monero

Return to Keyword Browsing

MSI Afterburner Laced with Malware Circulating in the Wild

MSI Afterburner is arguably the most popular graphics card overclocking utility, and the best place to find it is the MSI website. There are several other sites that redistribute the utility, many of them are trustworthy PC enthusiast tech publications; but some of them are not. There are some dubious websites that are using SEO techniques and ad-placements to find their way into online search results, appearing to be download mirrors for MSI Afterburner. While some of these sites are just in it for some web-traffic ad revenue, others downright spoof the MSI website (i.e. are visual clones), and host redistributables of Afterburner, only these have a more sinister motive—to infect you with malware.

Cybersecurity researchers at Cyble identified such spoof websites that are visually identical to the MSI website; which host modified versions of the Afterburner software laced with malware. This malware can infect your PC with a multitude of bad stuff, including cryptojacking (using your PC's system resources to mine cryptocurrency for the attacker); and data-theft. Cyble deconstructed the malware-laced Afterburner installer in a bid to identify its nature. Apparently it uses Monero XMR miner software to mine cryptocurrency. Apparently the attacker repackaged Afterburner into a custom installer that, in addition to installing Afterburner, fetches XMR miner from the Internet and infects Windows Explorer (explorer.exe) with a cryptojacking payload. The easiest way to avoid this is sticking to known sources such as the MSI website (www.msi.com); or known websites authorized to redistribute Afterburner. If infected, SFC (system file checker), coupled with Windows Defender or other popular antivirus software should help.

Coinhive Closing up Shop March 8th in Wake of Monero Forks, Crypto Crash

Remember Coinhive, one of the most negative faces of crypto currencies to ever grace the world wide web? The platform, which allowed for websites (or malicious players) to inject web pages' code with cryptocurrency mining algorithms that hijacked visitors' CPUs to mine the privacy-focused Monero cryptocurrency has announced they are shuttering their doors (and services) on the 8th of March. The company cites changes to Monero's rewards and has rates declines following some hard forks, as well as overall crypto market value being down, with Monero having deprecated some 85% since the website put its code up for grabs.

For companies and/or users that used Coinhive's code to mine Monero with other users' systems - usually, without their consent or knowledge - have until April to withdraw any earnings they have amassed. After that, it's all gone. It's quite obvious that this was only one of the first manifestations of wrongly-designed cryptomining, but then again, some users will always take advantage of these sorts of tools.

BIOSTAR Announces iMiner Series Turnkey Mining Solutions

BIOSTAR, a top provider of mining motherboards and graphics cards, introduces a turnkey solution for mining at home with iMiner A578X8D/iMiner A564X12P/iMiner A578X6. The iMiner series comes as a single unit black box machine that supports ethOS and is fully equipped with BIOSTAR TB250-BTC series motherboard, CPU, GPU, memory, and power supply. It allows ultra-mining flexibility as it supports GPU mineable crypto currencies such as Ethereum, Monero, Bitcoin Gold and Zcash.

All iMiner systems are based on the Intel 3930 CPU and Intel B250 chipset for maximum mining power. BIOSTAR iMiner A578X8D with ETH hashrate of 220 MH/s (±5%) uses the popular BIOSTAR TB250-BTC D+ with 8 x AMD RX570 8G graphics card and a high performance 1600W single rail 12v power supply (optional) with dual-ball bearing fans to offer ultra durable operation 24/7. BIOSTAR iMiner A564X12P with ETH hashrate of 148 MH/s (±5%) uses the BIOSTAR TB250-BTC PRO with 12 x AMD RX560 4G graphics cards on a 1300W power supply. BIOSTAR iMiner A578X6 with ETH hashrate of 165 MH/s (±5%) also uses the BIOSTAR TB250-BTC PRO with a modest 6 x AMD RX570 8G (which can be expanded for up to 12 GPUs) with a 1300W power supply.

Confessions of a Crypto Miner: Green(er) Mining

Welcome back to "Confessions of a Crypto Miner," my column about a crypto miner from 2013 trying to get caught up with the latest standards. I'm presently mining and reporting to you from a dual-GTX 1080 based rig mining zCash. Today, I'm going to talk about saving energy and reducing a miner's impact on the environment. How can you do that, you ask? Simple: Consolidation.

Mining inherently consumes a lot of energy, but a lot of things we do as tech geeks are actually not all that efficient. Case in point, my NAS I've had for years. Old Lenovo server-something or another, modded pretty hardcore, but still energy-drinking to the core. It's based around a Core 2 Quad and uses around 400W of power on its own when not doing much of anything more than being an NAS. It features big RAID arrays and big blower fans, none of which I really need in this day and age and all of which consume power. I've been thinking since I got my Ryzen quad core mining rig: What's to stop me from mining and doing my NAS stuff on the same rig, thus saving power? As it so happens, not much. My miner has the same memory size as the old Lenovo DDR2 solution and a far more energy efficient, likely faster CPU. So I can fold that 400 W server into my 550 W of mining, far reducing my footprint in a green sense. Let's get to it.

Confessions of a Crypto Miner: CPU Mining

Welcome back to "Confessions of a Crypto Miner," my column about a crypto miner from 2013 trying to get caught up with the latest standards. I'm presently mining and reporting to you from a dual-GTX 1080 based rig mining zCash.
Today we are going to take a look at mining again - using the CPU in particular. CPU mining is the original form of mining cryptocoins.

Bitcoin's Lack of Wallet Privacy Leads Criminals to Look Towards Other Cryptos

"It is used for criminal, illegal activities" is one of the most oft-mentioned reasons for users to reject Bitcoin or other cryptocurrencies. However, it seems that this argument is losing weight as we speak when it comes to Bitcoin. In the wake of much increased interest and awareness regarding the fledgling, currently leading cryptocurrency, which has seen institutions and states renew their interest and attention towards regulation or stricter control of the virtual currency, users that would use Bitcoin for nefarious purposes have started to migrate to other cryptocurrencies. You see, the reality of a distributed, transparent ledger is great for a system's transparency; however, transparency and easily identifiable - and traceable - wallets and transactions go against criminals' interests. Law enforcement agencies, such as Europol, have already issued warnings and established protocols towards the adoption of software tools to monitor people using bitcoin. As such, criminals are looking towards other less "transparent" cryptos to use as escape routes for their criminal ways.

The most viable alternative for criminals has apparently been Monero, the cryptocurrency that has also been in the world's mouth because it's usually the one being mined in web browsers, absent of users' consent. Monero has been developed with privacy as a main design criteria from the start, encrypting the recipient's address on its blockchain and generating fake addresses, obfuscating the real sender, but going one step further by also obfuscating the amount of the transaction. This means Monero is currently "one of the favorites, if not the favorite" for usage in ransomware attacks, said Matt Suiche, founder of Dubai-based security firm Comae Technologies, said in a phone interview to Bloomberg.

Starbucks Wi-Fi Exploits Coffee Lovers' Devices for Cryptocoin Mining Operations

Nothing in life is free, not even the Wi-Fi at Starbucks cafes. That's something Noah Dinkin would discover eventually. While sipping his coffee at a Starbucks coffeehouse in Buenos Aires, the founder and CEO of stensul decided to log onto the Wi-Fi network to get some work done. To his surprise, there was an unusual delay before he was able to access the internet. Noah later found out that a malicious code was working behind the scenes to hijack customer's devices to mine Monero (XMR). He immediately reported the exploit to Starbucks via Twitter. Starbucks was unaware of the issue, but the company immediately contacted their internet provider to remove the code. To their defense, the Wi-Fi service is outsourced to a third-party provider, therefore, Starbucks doesn't own or control the Wi-Fi network. The company claims that this was an isolated case, and their other stores are safe.

Politifact Sees Unsactioned Introduction of Web Miner, Vows to Investigate

This here is an issue that this editor has been fearing for a while, and that we here at TPU have called our users' attention to in the past. It's bad enough when websites willingly implement web mining scripts absent of users' consent or simple knowledge. Opt-in mining as a contribution to a website's revenue would be the best way to go around the issue; however, absent that, a simple opt-out capability wouldn't be much worse. But if stealth usage of a site viewers' computing resources is bad, what then can be said when the site managers themselves are unaware of the implementation of a web miner?

This is what happened with Politifact, the US politics fact-checking website, which is but one of hundreds of the world's top traffic websites that have seen the stealth introduction of these web mining scripts - against the will of the site managers. In the meantime, Politifact has brought down the offending code and has vowed to investigate, but this opens up Pandora's box, really. Generally speaking, these JavaScript apps are running code hosted on another server that the end user - and sometimes even the site hosts - can't inspect or don't expect to have to inspect. And this is easier to do than one would imagine; there's a lack of protection against JavaScript routines like this one. And where there's potential for profit, there's abuse; and that's what we're seeing. It also doesn't help that injecting the necessary JavaScript into the front page of a website is much easier than a full blown hack into a website's databases; and once the code has been shoehorned into a website's code, it runs itself, hijacking users' CPU cycles and putting the resulting Monero coins into a designated wallet.

Pirate Bay Mines Coins in Your Browser - Revenue Model of the Future?

It has come into the limelight that popular torrenting website The Pirate Bay (TPB) has been running additional code on their site, which helped enable them to make use of a visitor's CPU in mining Monero (XMR, a cryptocurrency with added layers of anonymity when compared to Bitcoin). Now, I realize Torrenting (in particular, of copyright-protected material) is in itself a subject open to heated debate - but let's leave that discussion for another day. Today, I thought I'd focus on this mining act itself, on how TPB was secretly using your computing resources to stealthily mine cryptocurrency which they could then turn into additional revenue.

That this was done without the users' consent is clearly wrong. We as users are entitled to know what to expect from our system and from its usage of our resources - as seldom as we can claim that ability nowadays. That a site we are visiting is using our computing resources to generate additional revenue than the one it obtains from ads without, at the very least, being forthcoming about it (with the increased electricity costs that implies, however small) can be considered, at a minimum, distasteful. However, the discussion becomes much more interesting if we wonder what would have happened if users had, in fact, been warned. What does this mean for the future of web browsing, for revenue models - and for those pesky, flashy, little (or not so little) ads?
To our forum-lurkers: this article is marked as an Editorial
Return to Keyword Browsing
Nov 24th, 2024 07:07 EST change timezone

New Forum Posts

Popular Reviews

Controversial News Posts