Verwaltet von:
#cryptojacking
For those who don't know the size of the problem:
In 2006 I bought a new [entry level] Computer with 256 MB of RAM and a single-core P4 Celeron with 2,8 GHz.
This thing ran #WindowsXP and #NeedForSpeedMostWanted just fine.
Nowadays it would crash trying to open #Slack even on a minimalist #Linux distro like @bunsenlabs in @dillo, a lightweight browser ...
And now imagine that some folks have to use #Slack, #MicrosoftTeams, #Telegram, #Signal, #WhatApp, #WeChat, #QQ and #LineMessenger at the same time on their machine, and you can imagine that this will make entry-level desktops already scream harder than if someone were to loop the Lost Coast benchmark on them...
- The #bloat of modern #WebApps is just the socially accepted equivalent to #Cryptojacking desktops and driving some *phat #SuperUselessVehicle just to get less than a kg of groceries at a walking distance supermarket.
Everywhere else we'd not accept such a #bloatware IRL.
- So why should we accept #obscene|ly #WastefulComputing*?
You know someone fucked up #WebDesign when logging out makes your CPU spike to 85% and the fan sound like one's running a #Shitcoin #Mining #Malware (aka. #Cryptojacker) and closing the tab results in 1 GB less RAM and 3 GB less overall cached assets.
- And yes I did check these results by running
sudo sh -c "sync; echo 3 > /proc/sys/vm/drop_caches"'before, during and after the website has been opened.
@MxVerda I think #JavaScript is being.runed by the fact that it's being abused for #tracking & #cryptojacking #malware to the point that disabling it is a necessity!
@cR0w not really...
Obviously it's the #1 target and every #Skiddie has their own index of #WordPress sites waiting to deploy their #Cryptojacking #malware the second they get their hands on an exploit before people have patched it, but the same applies to #Windows (espechally #WindowsServer!) and other shitty applications...
@tjhexf personally, I hate #JavaScript because it's #ableist, bricks #accessibility and the only "cool" thing it has demonstrated is the abuseability for #tracking and #Cryptojacking #malware!
@cR0w @Dio9sys I bet you #skiddies gonna go #cryptojacking #Monero tonite...
@jonathankoren I'm just the kind of person who expects shit to work on #LynxBrowser over @torproject and if it doesn't then it's ableist trash IMHO.
@ryanc using #JS #Malware to protect against #Bots is just as bad as #CryptoJacking.
- Noone gives a shit whether it's #shitcoins or "#DDoS protection" that makes fan go brr and battery go empty in the end!
RedisRaider alert! Researchers spot a Go-based malware targeting public #Redis servers on #Linux, deploying XMRig miners via config abuse. It scans IPv4, injects cron jobs, and spreads fast—plus anti-forensics tricks! Full story 
https://thehackernews.com/2025/05/go-based-malware-deploys-xmrig-miner-on.html #Cybersecurity #Malware #Cryptojacking #newz
@leberschnitzel shure. Take your time.
- Usually the most effective solutions are further away from said webserver.
Espechally since #JavaScript gets universally blocked by users of @torproject / #TorBrowser like myself simply because every single piece of #JS I came across was not "technically necessary" if not outright #malware designed to do #Cryptojacking, #BrowserFingerprinting and/or steal logins.
@kubikpixel IMHO ist #JavaScript nur für #Cryptojacking-#Malware gut und hat keine Daseinsberechtigung!
Krypto-Diebstahl durch Malware: Cryptojacking-Kampagne kassiert über 300.000 US-Dollar
#Cyberangriffe #Krypto #Malware #ClipboardHijacking #Cryptojacking #KryptoDiebstahl #MassJacker #Solana https://sc.tarnkappe.info/7c6ee7
MUT-1244 targeting security researchers, red teamers, and threat actors https://www.helpnetsecurity.com/2024/12/16/mut-1244-targeting-security-researchers-threat-aws-wordpress-data-theft/ #cryptojacking #Don'tmiss #Checkmarx #datatheft #WordPress #Hotstuff #phishing #Datadog #GitHub #News
@n_dimension most #Cryptojacking #malware is highly automated in that the attackers merely want to maximize profit and minimize labour, as their operations demand so.
Ideally you'd extract the target wallet address and other parameters like pool / login that their instance of #xmrig uses so it can be attributed, blocked and burned for any future use.
Please let me know of any details, so I can add them to blocklists.
@puppygirlhornypost2 @navi And whilst it's easy to blame #GoldenKeyBoot, a leaked #PrivateKey that was impossible to be removed, the problem is that #Windows is architecturally "insecure-able" because any changes necessary to make this not a problem would inherently mean the end for Windows as it's known to most.
- In fact, everything is done better by #Linux on the #Desktop for almost two decades, which is why classic #Malware isn't a thing on Linux systems.
Shure, you get some #Cryptojacking and some #CMS|es like #WordPress that are constantly being attacked but generally, the way #updates and #distribution of #Software works on Linux Distros for the most part is completely antithetical to Windows.
- And that's how we got this realistic scenario
And anything #Microsoft could do at this point if they weren't horny for money but avtually cared is to scrap Windows and instead invest into #Wine to ease the transition...
@mook nodds in agreement
-I wish for strong #accessibility #laws that mandate shit to work on Browsers like #LynxBrowser over #Tor and explicitly ban any measurements that prevent that from working.
In fact I'd say that @torproject should explicitly set #TorBrowser's security to maximum per default and explicitly explain that there is no legitimate reason for #JS to be used!
The only innvation that JS birthed was #CryptoJacking and other #Malware that runs inside #Browsers and commits #WastefulComputing!