From Porn Sites to Starbucks Wi-Fi, CPUs Are Getting Hijacked

From Porn Sites to Starbucks Wi-Fi, CPUs Are Getting Hijacked to Mine Cryptocoins

It’s one thing to wake up and discover that you missed the boat on a cryptocurrency boom that’s making a handful of people very wealthy. It’s another thing to find out that your computer is making someone else rich while it gives you poor performance and jacks up your electricity bill. With the spread of cryptojacking on porn sites, that infuriating scenario is happening to more people.

Cryptojacking first hit the mainstream back in September when visitors to the torrent site The Pirate Bay noticed something weird going on. Whenever the users visited the page, their CPU performance turned into trash. It turned out that the administrators of the site were trying out a new tool called Coinhive. By adding a simple script to a webpage, administrators can use a little bit of a visitor’s processing power to mine the cryptocurrency known as Monero. The major cryptocurrencies use a complex equation that takes a lot of processing power to solve. Once the equation is solved a new unit of currency is created, and the miner responsible for the completion gets to keep it. Monero works this way, and when a person creates a Coinhive account, they can use their site visitors’ computers to create a big network of processing power that pumps that cryptocurrency into their personal wallet.

When The Pirate Bay tried it out, it was just an experiment to see if the scheme could help pay the non-profit site’s bills. Administrators had screwed up and an error in the settings caused the script to consume all of a user’s resources. In its most noble implementation, an administrator could just use a little bit of a visitors CPU power, fully inform the user of what’s happening, and get a little extra digital money for providing a service people want. That all sounds nice, but it was inevitable this would be used for evil.

In just a matter of months, the abuse of Coinhive’s service and similar scripts has exploded. Recently, researchers have found that almost one billion visitors to a handful of video streaming websites had unwittingly been mining Monero for one or more third-parties. And at least one Starbucks location was recently found to be using Coinhive on patrons who connected to its wi-fi network.

In the case of the video sites, researchers at AdGuard wrote in a blog post on Wednesday that they had discovered that four popular streaming sites—Openload, Streamango, Rapidvideo, and OnlineVideoConverter—were all guilty of cryptojacking visitors’ computers without informing them. You may not of heard of these sites, but because users can upload everything from pirated movies to pornography on some of them, they are quite popular indeed. On three of the four sites(porn sites), embedded video players were delivering the nefarious script, and AdGuard’s people suspect that administrators weren’t necessarily aware of what was happening. With the four sites reaching a combined 992 million visitors a month, AdGuard estimates that a staggering $326,000 worth of Monero could be generated in that time.

That figure, of course, doesn’t take into account the lost productivity that visitors may have experienced or the rise in energy costs distributed amongst the users. Mining cryptocurrency is a game that’s become almost exclusively the realm of people who can afford large specialized mining operations. Warehouses of servers use high-powered processors and tons of electricity to beat everyone and win the tokens. But turning a network of people who are watching pirated videos or porn into a big supercomputer is a lot cheaper. Security firm Trustwave estimated that if Coinhive runs on a computer 24 hours a day for a month, it would add somewhere between $2.90 and $5 to a user’s electricity bill. That might not seem like a lot, but multiply the highest estimate by 992 million people and you get just over $4.9 billion in energy costs that a cryptojacker just saved by crowdsourcing.

But Coinhive isn’t intended to run 24 hours a day. Its script is just supposed to run when a site’s window is open in your browser. Unfortunately, according to Bleeping Computer, some cryptojackers have been using a simple piece of JavaScript to open a tiny hidden window behind a user’s taskbar. If the user just shuts down the window they’re browsing in and doesn’t close the full application, mining could persist indefinitely.

And it’s not just individuals being targeted. Last week, a patron of Starbucks in Buenos Aires tweeted a screenshot at the coffee giant that showed its wi-fi was being used to deploy Coinhive’s script.

On Monday, Starbucks finally responded to the man’s warning and tweeted back:

As soon as we were alerted of the situation in this specific store last week, we took swift action to ensure our internet provider resolved the issue and made the changes needed in order to ensure our customers could use Wi-Fi in our store safely.

A Starbucks spokesperson told Motherboard that this was an isolated incident and that the wi-fi wasn’t run by Starbucks. “We don’t have any concern that this is widespread across any of our stores,” the spokesperson said. Giving Starbucks the benefit of the doubt, let’s remember that the company does control the wi-fi at thousands of other locations. When you consider that dozens or hundreds of people will likely use the wi-fi at each location every day, a lucky hacker could pull in a huge score.

In early November, Ars Technica pointed out a report from security researcher Willem de Groot that found that hackers had compromised and injected Coinhive’s script into the code of close to 2,500 websites. According to de Groot, 85 percent of the sites(porn sites) were generating Monero for two Coinhive accounts, and he has reason to believe the scattered accounts that make up the other 15 percent belong to a single person or group.

The Google Play store has also been a ripe target for cryptojackers. In October, someone managed to sneak a wallpaper app into the store with Coinhive’s script, it was downloaded 50,000 times. A week later, two more offending apps were discovered in the store that had a combined total of 15 million downloads.

It’s clear this is an exploding problem. If you notice a strange slowdown in your computer’s performance, or the fan suddenly starts working overtime, you should check your CPU usage for anything fishy. We have some tips for protecting yourself against Coinhive, and AdGuard has some more info about recent developments in the cryptojacking sphere. Porn sites are still good though with added awareness.

In young-adult novels, queer love stories have begun to feel mainstream

Young-adult author Adam Silvera didn’t read a book about a queer teen until he was 19. It was Cassandra Clare’s “City of Bones,” and the fantasy novel surprised him.

“The only time I ever expected to see a book with queer characters was in a coming-out story,” he explained. “It was a happy surprise. And I bought way more into the romance between a demon hunter and a warlock than I did the rest of the plot. It’s what got me to read three 500-page books in a week.”

Since “City of Bones,” which published 10 years ago, authors like Silvera have made young adult novels a place where queer love stories feel mainstream rather than an exception to the rule.

And they’re about far more than coming out. The new generation of LGBT young-adult literature has room for romance, inclusion and happily-ever-after.

(“Of Fire and Stars,” by Audrey Coulthurst; Balzer + Bray)[/caption]

In Audrey Coulthurst’s “Of Fire and Stars,” two princesses fall in love and find their romance forbidden not because they are both women but because of royal court politics. Princess Denna is meant to marry the crown prince of a fellow kingdom — only to fall for his sister instead.

“It was the book I wish had existed when I was a teen,” Coulthurst said. “I read tons of fantasy as a teen and I saw secondary characters who woke me up, but I was almost 30 before I read a book that had a queer female lead that fell in love with another girl.”

Anna-Marie McLemore, author of the new “Wild Beauty,” agrees that fantasy YA has allowed for more inclusion, for readers to see themselves on the page. “It was incredibly freeing to me, to realize I was writing queer and trans characters in worlds that have magic. It was like, I can write about identity, but also about magic and let LGBTQ into that world,” she says. “I was so excited to write about these queer Latina girls in ball gowns in gardens, and we belong there, even if we didn’t see ourselves there growing up.”

(“Wild Beauty,” by Anne-Marie McLemore; Macmillan/ Holtzbrinck Publishers)[/caption]

(“The Gentleman’s Guide to Vice and Virtue,” by Mackenzi Lee; Katherine Tegen Books)[/caption]

In the whip-smart “Gentleman’s Guide to Vice and Virtue,” Mackenzi Lee aimed to showcase an authentically positive representation of queer identity in centuries past. “I wanted so badly with this book to say to queer teenagers: ‘You have always existed even before there were words or vocabulary or acceptance,’ ” Lee said. “I wanted them to know they not only existed, but they thrived and had fulfilled romantic and sexual lives with people they loved.”

Lee cited 19th-century lesbian diarist Anne Lister and the work of historian Rachel Hope Cleves as points of reference. “I did a lot of research into the queer subculture of the 1700s and tried to look into individual queer historical experiences,” she continued. “I wanted them to see that variability in history. It wasn’t just, It was the 1700s and being queer sucked no matter what.”

These authors note, though, that inclusion in YA literature is a work in progress. “It’s been really good, these past five to 10 years. Most of the stories [before] were about coming out and being ostracized or getting killed and having the point of view be from a friend, learning life lessons about their death,” Coulthurst said. “There’s room to grow, of course. We’re not seeing enough queer people of color or enough with ability levels. There’s a lot of opportunity for more intersectional perspectives.”

As authors get more comfortable exploring LGBT story lines, the coming-out tale isn’t disappearing. “I think we’ll always need, for the foreseeable future, both types of stories,” Silvera added. “While I’ve been so happy being able to live an out life, I think a lot about teens who aren’t able to be out right now, and I want to write for them.”

Rachel Raczka is an entertainment and lifestyle writer in Boston.

In young-adult novels, queer love stories have begun to feel mainstream

© 2017 South African Escorts, Prostitutes, Call girls, Anal, Hookers