New Deepfakes forum goes mining with Coinhive - Malwarebytes Labs

You may or may not be familiar with the uproar over Deepfakes, a relatively new development in pornography involving a tool called FacesApp, which is capable of producing a real porn clip that substitutes the original actors’ faces with those of celebrities—or indeed, anyone at all.

Online fakes have been around since the early 2000s or possibly even earlier. Alongside those old photos, fakers would also make the odd terrible porn flick. Those movies would quite literally be a static cutout of a celebrity’s head stuck onto the body. Some 20 years later, the tech has caught up, and the web is all of a sudden dealing with the fallout.

FacesApp lets people “train” an AI to create a realistic head so the scene is practically indistinguishable from reality. The AI is trained by feeding it pictures or footage of people; the more data it has to go on, the more realistic everything is.

After a media firestorm, the inevitable has happened. All of the Deepfake subreddits, where the majority of content was being created, have been taken offline after major players such as Twitter and PornHub had already effectively banned Deepfake content from their networks.

The Deepfake tech is available for pretty much anyone to make use of—the only real barrier to entry is having a powerful PC capable of withstanding the intensive training process, which can take hours or days to finish.

Now, if you were a crafty cybercriminal and knew that the main Deepfakes sources were taken offline, with a sizable community of content consumers and creators with heavy-duty PC rigs abruptly set adrift, what would you do?

The answer, of course, is to monetize potentially dubious fakes that you didn’t create yourself and hammer visitors’ PCs with mining scripts.

One of the most popular “lifeboat” sites we’ve seen for those unceremoniously dumped from the tender embrace of reddit was being promoted pretty intensely on surviving subreddits.


On the surface, it looks like a fairly typical forum, and it’s been getting a fair bit of activity so far. It all looks legit—or at least as legit as can be given the controversial content on offer.


A quick check of the source code, while your CPU likely ramps up to 100 percent, would tell a slightly different story.


We have some JavaScript located at:


Sure, you could attempt to make sense of it as is. Or, you could just unpack it instead and save yourself a headache, because that is a large, confusing pile of code. What is it doing?

var Miner=function

…miner…function? Did this website place mining scripts in the background?



They sure did, and we block both the mining and the website in question.


Coinhive is something we’ve been blocking since October. It lets you place cryptocurrency mining scripts on your website, similar to how regular adverts are placed, except it’ll attempt to make as much use of your machine as possible to whip up some Monero coins for the website owner. Here’s an example of a website pushing a PC to the limit via mining scripts in the background. Check out the resources being gobbled up on the right-hand side:


In an age of people leaving dozens of tabs open and going for dinner, websites running scripts that ramp you up to 100 percent CPU usage and generate a fair bit of heat in the bargain just aren’t my thing. Now that we have DIY fake porn tech which demands high system specs and also has people at the same time making content as well as downloading it, they’re prime targets for a spot of potentially surreptitious cryptomining taking place behind the scenes.
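
The manual source check described earlier can be automated. The following is an added example, not code from this article or from Malwarebytes: a Node.js script that pulls every `<script>` element out of a page and flags the `var Miner=function` string quoted above along with Coinhive's public script and API names. The indicator list, the packed-code heuristic and the sample page are assumptions constructed for illustration.

```javascript
// Added example: static triage of page source for in-browser miner indicators.
// Indicator list is an assumption: the string the article quotes plus Coinhive's public names.
const INDICATORS = [
  { name: 'miner-constructor', re: /\bvar\s+Miner\s*=\s*function\b/ },   // quoted in the article
  { name: 'coinhive-host',     re: /\bcoinhive\.com\b/i },
  { name: 'coinhive-api',      re: /\bCoinHive\.(Anonymous|User|Token)\b/ },
  { name: 'coinhive-script',   re: /\bcoinhive(\.min)?\.js\b/i },
];
// Generic sign of packed JavaScript (eval over a function or a decoder call).
// The article does not say which packer the site used; this is a heuristic.
const PACKED = /\beval\s*\(\s*(function\s*\(|unescape\s*\(|atob\s*\()/;

// Pull every <script> element out of raw HTML: external src and inline body.
function extractScripts(html) {
  const out = [];
  const tag = /<script\b([^>]*)>([\s\S]*?)<\/script\s*>/gi;
  let m;
  while ((m = tag.exec(html)) !== null) {
    const src = /\bsrc\s*=\s*["']?([^"'\s>]+)/i.exec(m[1]);
    out.push({ src: src ? src[1] : null, body: m[2] });
  }
  return out;
}

// Return one finding per script that matches an indicator or looks packed.
function scanPage(html) {
  const findings = [];
  extractScripts(html).forEach((s, index) => {
    const text = (s.src || '') + '\n' + s.body;
    const hits = INDICATORS.filter(i => i.re.test(text)).map(i => i.name);
    const packed = PACKED.test(s.body);
    if (hits.length || packed) {
      findings.push({ index, src: s.src, hits, packed,
        verdict: hits.length ? 'miner-indicator' : 'unpack-and-review' });
    }
  });
  return findings;
}

// Constructed sample page (not the forum's real markup).
const SAMPLE = `<html><head>
<script src="/js/jquery.js"></script>
<script src="/assets/app.js"></script>
<script>eval(function(p,a,c,k,e,d){return p}('0 1',2,2,[],0,{}))</script>
<script>var Miner=function(siteKey,params){this._threads=[];};</script>
</head><body>forum</body></html>`;

console.log(JSON.stringify(scanPage(SAMPLE), null, 2));
```

A packed script with no direct hit gets the `unpack-and-review` verdict, which mirrors the article's advice to unpack the code before trying to read it.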

We’ve seen a few mentions of other Deepfake aficionados complaining about dodgy sites, and we’ll be taking a closer look to see what’s out there. All in all, you’re very likely better off steering clear of the entire mess and taking up a less stress-inducing hobby (for you and your laptop).

Keep your security tools up to date, make informed decisions about what you want to block, and keep those CPU temperatures down to a minimum!

