search widget

How to Monetize Your Website Using Reader's CPU Power to Mine Monero

Tuesday, September 19, 2017

 I have always looked forward to some sought of cryptocurrency micro-payment for blogging, where there won’t be need to show adverts, pop-ups, banners e.t.c However, there seem to be challenges when it comes to start-up publishers.
All this is about to change as a new service called CoinHive is making it easy for you to monetize your website using readers CPU power to mine Monero as they browse through your articles and get paid in Monero.

CoinHive offers 3 types of monetization features.

1. Proof of Work Captcha

The Proof of Work Captcha works in the same way like the normal captcha service, however with the Proof of Work captcha, users need to solve a number of hashes (adjustable by you) in order to submit a form. This prevents spam at an inconvenience that is comparable to a classic captcha. All with the added benefit of earning you some Monero.

2. Proof of Work Shortlinks
If you have an URL you'd like to forward your users to, you can create a shortlink to it. The user has to solve a number of hashes (adjustable by you) and is automatically forwarded to the target URL afterwards.
Example: (this just forwards to the Monero article on Wikipedia)

3. Flexible JavaScript Functions
The JavaScript API lets you tie solved hashes to user accounts on your site, giving you the freedom to offer your users arbitrary incentives to solve hashes for you.
Start the mining process by loading the CoinHive library and using "miner.start();" to call the start function:
<script src=""></script>
 var miner = new CoinHive.User('<site-key>', 'john-doe');

Or check balance by calling this function:
curl "<secret-key>" # {success: true, name: "john-doe" balance: 4096}
Use Cases:
For example, A website can make you mine Monero each time you read a story, and can let it stop 60seconds later or 5minutes later. Or they can even make you mine Monero at random interval as you browse through the website.

This might even be used in games and apps to replace advertisements. CoinHive takes 30% share of total mining and pay out 70% to your Monero wallet. Though, the money earned compared to ads might be less. But who knows, Monero price could go up and lead to something really interesting in terms of profit.

Read more ...

Massive database containing over 560 million passwords discovered

Tuesday, May 16, 2017

Looks like it’s time to change passwords again. Security researchers have discovered a massive database of login credentials — over 560 million emails and passwords — put together by an unknown person. All of the information is insecure.
The database was discovered by the Kromtech Security Research Center, who ran the information with Troy Hunt. Most of the information is already on Hunt’s Have I Been Pwned site, which allows users to see if their accounts have been compromised in previous data breaches.

That means most of the information contained on this database was compromised during other incidents at sites such as LinkedIn, LastFM, Tumblr, and Dropbox. So if you didn’t change your password during the original breach on any of those sites, now (when the information is floating around) is definitely the time to do it.
No one knows who actually put the database together, but the researchers are calling them “Eddie” after a user profile name in the data.

Curled from: TNW
Read more ...

Global Ransomware Attacks 74 Nations - Used NSA Hacking Tools 'At A Scale Never Seen Before'

Friday, May 12, 2017

A massive ransomware campaign appears to have infected a number of organisations around the world.
Computers in thousands of locations have apparently been locked by a program that demands $300 in Bitcoin.
There have been reports of infections in more than 70 countries, including the UK, US, China, Russia, Spain, Italy and Taiwan.

Many security researchers are linking the incidents together.
The UK's National Health Service (NHS) was also hit by a ransomware outbreak on the same day and screenshots of the WannaCry program were shared by NHS staff.
One cyber-security researcher tweeted that he had detected many thousands of cases of the ransomware - known as WannaCry and variants of that name - around the world.

"This is huge," said Jakub Kroustek at Avast.

Security firm Kaspersky Lab has recorded more than 45,000 attacks in 74 countries in the past 10 hours. Seventy-four countries around the globe have been affected, with the number of victims still growing, according to Kaspersky Lab. According to Avast, over 57,000 attacks have been detected worldwide, the company said, adding that it "quickly escalated into a massive spreading."

Several experts monitoring the situation have linked the infections to vulnerabilities released by a group known as The Shadow Brokers, which recently claimed to have dumped hacking tools stolen from the US National Security Agency (NSA).
A patch for the vulnerability was released by Microsoft in March, but many systems may not have had the update installed.
Some security researchers have pointed out that the infections seem to be deployed via a worm - a program that spreads by itself between computers.

'Turn off PCs'

A number of Spanish firms were among the apparent victims elsewhere in Europe.
Telecoms giant Telefonica said in a statement that it was aware of a "cybersecurity incident" but that clients and services had not been affected.
Power firm Iberdrola and utility provider Gas Natural were also reported to have suffered from the outbreak.
There were reports that staff at the firms were told to turn off their computers.
At least one local authority in Sweden also appears to have been a victim.
"We have around 70 computers that have had a dangerous code installed," the mayor of Timra, a town to the north of Stockholm, told the Reuters news agency.

Explaining the global ransomware outbreak

Unlike many other malicious programs, this one has the ability to move around a network by itself. Most others rely on humans to spread by tricking them into clicking on an attachment harboring the attack code.
By contrast, once WannaCry is inside an organisation it will hunt down vulnerable machines and infect them too. This perhaps explains why its impact is so public - because large numbers of machines at each victim organisation are being compromised.

Screenshots of WannaCry with text in Spanish were also shared online.
In Italy, one user shared images appearing to show a university computer lab with machines locked by the same program.
Bitcoin wallets seemingly associated with the ransomware were reported to have started filling up with cash.

'Spreading fast'

Another firm that confirmed it had been caught out was delivery company FedEx, though it did not clarify in which territories it had been hit.

"Like many other companies, FedEx is experiencing interference with some of our Windows-based systems caused by malware," it said in a statement.

"We are implementing remediation steps as quickly as possible."

Portugal Telecom also confirmed it was struck: "But none of our services were affected," a spokeswoman told Reuters.

And a spokesman for Megafon, the second largest mobile phone network in Russia confirmed some of its computers had been infected also.

"This is a major cyber attack, impacting organisations across Europe at a scale I've never seen before," said security architect Kevin Beaumont.

According to security firm Check Point, the version of the ransomware that appeared today is a new variant.
"Even so, it's spreading fast," said Aatish Pattni, head of threat prevention for northern Europe.

Curled from: BBC
Read more ...

Webroot Antivirus goes berserk, labelling Windows core files as Virus

Tuesday, April 25, 2017

Webroot's security tools went berserk today, mislabeling key Microsoft Windows system files as malicious and temporarily removing them – knackering countless PCs in the process.
Not only were people's individual copies of the antivirus suite going haywire, but also business editions and installations run by managed service providers (MSPs), meaning companies and organizations relying on the software were hit by the cockup.
Between 1200 and 1500 MST (1800 and 2100 UTC) today, Webroot's gear labeled Windows operating system data as W32.Trojan.Gen – generic-Trojan-infected files, in other words – and moved them into quarantine, rendering affected computers unstable. Files digitally signed by Microsoft were whisked away – but, luckily, not all of them, leaving enough of the OS behind to reboot and restore the quarantined resources.
We understand that all versions of Windows were affected by today's gaffe, and that a kill switch within Webroot's systems kicked in to halt the mass quarantining before any long-lasting damage was done. Webroot boasts it has 30 million users. Its software also, weirdly, misidentified Facebook and Bloomberg's websites this week as phishing sites, blocking access to them.
For those hit by Webroot's assault on Windows files on Monday, there are official fixes suggested for those using the Home edition and Business editions of the antivirus suite.
"We understand that this is a consumer and business issue," a Webroot rep confessed in a on its support forums. "We understand that MSPs will require a different solution. We are currently working on this universal solution now."
Suffice to say, there are a wedge of furious and confused folks on the support boards, with angry IT admins reporting thousands of endpoints going nuts.
Webroot, whose slogan is "smarter cybersecurity," is working on a solution for all. The timing of the file classification blunder couldn't be worse for at least one employee. Gary Hayslip was hired earlier this month as Webroot's chief information security officer, and this can't be a fun first few weeks on the job.
The biz is also looking to hire a senior software engineer for its Windows line. Based on today's kerfuffle, they might want to consider upping the headcount a bit more in this area to ensure that customers don't get hammered in the same way again, in light of February's little snafu that also left Windows users borked.
A Webroot spokesperson told The Reg: "We know how important internet security is to our customers, and the Webroot team is dedicated to resolving the issue. We will provide updates as soon as they are available." ®


Webroot has now released an application for its business and managed service providers to fix the issues crashing Windows machine.
"For access to the repair utility, business customers should open a ticket with Webroot support, or reply to an existing support ticket related to this issue," Mike Malloy, EVP of products and strategy at Webroot.
"Our entire Webroot team has been working around-the-clock on this repair and is implementing additional safeguards to prevent this from happening in the future. We apologize to our customers affected and appreciate their patience during this challenging issue."

Source: TheRegister
Read more ...