YouTube ads have now become the latest playground for covert cryptocurrency mining malware. The video sharing website was caught displaying ads that covertly use a visitor’s CPU power to mine cryptocurrencies.
The issue became evident last week after complaints emerged on social media that YouTube ads were causing a red flag on various anti-virus software. The warnings continued even after users changed browsers and appeared limited to when people visited the YouTube site.
Researchers from Trend Micro – an international cyber security firm – confirmed on Friday that there was a strong uptick in the use of Coinhive earlier in the week. According to Trend Micro, attackers were exploiting the DoubleClick ad platform by Google to display the mining malware to YouTube visitors in specific countries such as France, Spain, Taiwan, Japan, and Italy.
Coinhive is a digital currency mining software that has stirred up a lot of controversies as it allows subscribers to benefit by mining cryptocurrencies using the CPU power of user’s computers. The idea behind this is to provide website owners with an alternative monetisation route so that they do not need to fill their websites with adverts. However, the majority of Coinhive scripts have been used without informing users that their CPU power is being drained to mine monero, which is why the Coinhive software is largely being classified as malware today.
Prolonged YouTube Site Visits
Troy Mursch, an independents security researcher, told Ars Technica in an interview:
“YouTube was likely targeted because users are typically on the site for an extended period of time. This is a prime target for cryptojacking malware, because the longer the users are mining for cryptocurrency the more money is made.”
Mursch went on to mention the September campaign that used Showtime’s website to give cryptocurrency mining ads as an example of video sites that were being targeted by attackers.
In some instances, the malicious mining script had images that displayed ads for fake antivirus programs that then scam people and have them pay for fake programs. A user will run the software thinking it is an antivirus but unbeknownst to them, it is malware. Ads analyzed by researchers at Trend Micro and shared on social media showed that the fake antivirus ads mined Monero coins and used a Coinhive site key. The international cyber security company said the campaign kicked off on the January 18, and that it was hard to know the exact number of coins that had so far been mined.
Google Statement Regarding the Malware
In an email sent to Ars Technica, a Google representative wrote,
“Mining cryptocurrency through ads is a relatively new form of abuse that violates our policies and one that we’ve been monitoring actively. We enforce our policies through a multi-layered detection system across our platforms which we update as new threats emerge. In this case, the ads were blocked in less than two hours and the malicious actors were quickly removed from our platforms.”
While the above statement from Google states that the ads were quickly blocked, Trend Micro’s findings showed that the scripts were activated from 18 of January and about a week later – 24 of January to be precise – the company had witnessed a 285 percent spike in Coinhive miners. The Google representative did not respond to any follow up questions regarding the timelines for the blocked ads.
As the web-based crypto mining malware issue becomes more rampant, different antivirus programs are warning people of cryptocurrency mining malware that are present on websites and are providing users with an option to block them.
Ethereum: What You Need to Know About the World’s Most Popular Altcoin
Consistently seen to be not only the most popular but also the most profitable altcoin – Ethereum deserves your attention.
Well, now that we have your attention, it’s probably important to note that ether, not ethereum is the popular altcoin. While ethereum and ether seem to be used interchangeably most of the time, the fact is that ether is the cryptocurrency that’s associated with Ethereum – a distributed computing platform. To keep things straight if you’re new to altcoins, it’s always wise to seek the help of a trading platform geared towards beginners, like Bitvavo.
Stay with us, it gets weirder.
How it All Started
Vitalik Buterin, a programmer and co-founder of Bitcoin Magazine argued that bitcoin wasn’t reaching its potential. While the well-known cryptocurrency is fairly ideal for processing straightforward monetary transactions, it’s incapable of imposing any type of terms or conditions onto the system of payment. Meaning, that you can send and receive bitcoin, but you can’t request specific tasks to be executed in exchange for these coins. Or you can, but there’s no way of enforcing that either the tasks will be done, or the fees will be paid.
This is where Buterin made clear that he believed that Bitcoin needed a scripting language in order to create applications and contracts and Ethereum was born. While Ethereum began to develop in 2013, it wasn’t released until early 2015. Since that time, Ethereum has stuck to its initial premise of continually updating and upgrading its product to ensure usability, functionality, security, and decentralisation.
As opposed to the Bitcoin hard forks that have created much controversy and less than memorable offshoots of the coin, Ethereum releases prototypes for beta-testing. During beta-testing, the Ethereum network offers “bug bounties” for any users willing to stress test the proposed system update and its limits. Making beta-testing the new platforms incentivised.
While the network has seen their share of hard forks, they exist only in response to cyber attacks, as opposed to differing viewpoints on how the system should work.
Offering What Bitcoin Can’t
The progression of the program itself isn’t the only way in which Ethereum differs greatly from its predecessor, Bitcoin.
Ethereum Virtual Machine
While Ethereum can offer a transfer of monetary value through the use of ether – it’s a unique cryptocurrency – the network is truly designed to be something more. The ethereum network is what is considered a “distributed computing system”.
This means that much like in Bitcoin, millions of computers around the world are connected to a general network. These computers (called “nodes”) all interact with one another via messages or “instruction sets”. These instruction sets identify a common goal that all of the nodes are capable of working on cooperatively. This decentralised network is called the “Ethereum Virtual Machine”.
What makes this virtual machine so incredibly useful and unique is that it’s “Turing-complete”. This means that each computer is capable of understanding, executing, or recognising other types of instruction sets or programming languages. Meaning a computer in Istanbul is capable of simulating the same data requests as a computer in Zimbabwe… or Lima… or Boston, London, Toronto, and so on. Meaning that any node within the virtual machine is just as capable of carrying out a specific task as any other node.
This virtual machine really shows its versatility and usefulness when it comes to smart contracts. The name can sometimes be a bit misleading, as these contracts aren’t really “smart” but specifically programmed to execute certain functions without the use of an intermediary.
This is basically just a fancy way of saying that instead of using some human arbiter to ensure the terms and conditions of any agreement are carried out- a computer program does it instead. This not only saves people time and money but is infallible, as one step cannot continue without a previous step being carried out and verified first.
Imagine yourself walking up to a souvenir penny machine. These machines take a penny, squish a fancy pattern on to it, and allow you to bring home a fun piece of nostalgia back from your holiday. In order to get that coveted squished penny, a person must first insert payment (we’ll say about 50 cents) and a penny to be squished. Once the coins are accepted by a machine, the person then chooses their favorite design. The chosen design is then stamped onto the penny and it is delivered to the person.
You can’t walk away with a souvenir penny without choosing a design. There’s no way you could possibly choose a design without a penny to put it on, and you most certainly won’t get that penny accepted to be squished in the first place if you don’t pay your 50 cents. There’s no way to move from one step to another without completing each step in a sequence. This is how smart contracts work. Each term or condition must be met and verified before moving onto the next step. Each step must be completed in the order given to finish out the contract in which each party leaves with their purchase or their money.
Gas Computational Metering
Ether, the cryptocurrency associated with Ethereum, is much more than just another type of digital currency. In fact, it oftentimes works much more similar to a token one that pays for something called “gas”.
Gas is one other thing that enables Ethereum to create novel and dynamic agreements, as instead of paying directly for a service or product, ether is used to pay for the computational effort required in order to execute any specific contract. Much like we a meter to tell us how much we need to pay for water usage, gas is a system of measurement used to calculate the cost of computational effort.
Once the amount of gas required to execute any particular function is computed, a user then pays for that function in ether. However, it is a pay-before-you-go system. So, keeping in mind that gas is simply a unit of measurement, it is applied similarly in the way that you would think about using gasoline to go on a road trip. If you have a destination you’d like to get to, you must first go to a service station and fill up your car’s tank with gasoline in order to get to that destination.
However much gas would be required to fully execute all the steps of a smart contract, from start to finish, is calculated before the computation begins. Ether is then paid to the programmer who will be coding the contract, and as long as you have enough gas in the tank, the contract is then carried out in full.
Scam Alert! Scammers in Kenya are Now Using Facebook’s Libra to Defraud Crypto Users
Scammers in Kenya are now using Libra to make quick gains from unsuspecting victims through a company called Calibra Kenya.
According to its website, the “company” is promising to increase investors’ money three-fold within six months if they invest amounts from KES 20,000 to KES 950,000. The deadline for this “investment deal” (read scam) is November 31, 2019.
Facebook’s Libra is yet to Launch
“Calibra Kenya” is cashing in on Facebook’s Libra, a cryptocurrency that is not yet rolled-out. Calibra Kenya told Gadgets Africa that they are waiting for the Libra launch in January 2020 for investment to begin. However, it is currently unclear when Libra will launch. Facebook had originally announced 2020 as the launch date but the company has said that it will only launch until it has sorted out regulators’ concerns.
Since Facebook announced the cryptocurrency in June, the embattled crypto project has lost a quarter of its members while Mark Zuckerberg is set to testify before the US House Committee on Financial Services today.
The Kenyan “company” has borrowed the name from Libra’s digital wallet, Calibra.
Scammers That Are Also Self-Proclaimed Philanthropists
“Sir John,” a Twitter account holder promoting Calibra Kenya, claims he is a philanthropist. This is similar to a scam story BitcoinAfrica.io recently covered where the alleged swindler was a self-proclaimed philanthropist on LinkedIn. The aforementioned Twitter account also belongs to the Libra Cryptocurrency Association Kenya.
GROW your money by 3 times within 6 months. INVEST Kshs 20,000-Kshs 950,000 in CALIBRA KENYA and earn a return of 50% every month.
NB: LIMITED OPPORTUNITY.
Grab your ticket to financial freedom. INVEST TODAY.
— Sir John | Libra Cryptocurrency Association Kenya. (@SirJohnLibra) October 19, 2019
While scamming and philanthropy have nothing in common, it appears that scammers could have found a way to entice their victims in the name of social good.
Moreover, the fact that Sir John claims he is a nature-lover and a passionate entrepreneur and investor in the fintech industry goes to show how far scammers will go to appear legit.
Spotting the Red Flags
It might be obvious to most that Calibra Kenya is a scam but to some, this might not be the case. Therefore, here is a list of what is wrong with this “investment opportunity”:
- Libra has not yet launched. Anyone asking you to invest in a currency that does not exist is a fraud.
- Any individual or company that is promising a 50 percent return every month on investments is a scammer. Such high returns are unrealistic. Additionally, in a volatile market, returns cannot remain constant and are bound to fluctuate from month to month.
- Facebook’s Libra only has one association, the Libra Association, which currently has 21 members. These members are well-known international companies like Uber, Spotify, Vodafone, Mercy Corps, Xapo Holdings, PayU, and Coinbase. Libra Cryptocurrency Association Kenya and Calibra Kenya, therefore, have nothing to do with the real Libra Association.
- Should you consider a website with grammatical errors suspicious? Yes, you should! Calibra Kenya’s website is guilty in this regard.
- According to Calibra Kenya, investors will get their money back at the end of the contract. This is a cause for alarm as any legit investment platform should allow investors to withdraw their investment plus returns at any time.
- On their website, Calibra Kenya throws around crypto and blockchain-related terminologies to confuse and mislead their readers. For instance, they claim that they create smart contracts, that they are the official Libra cryptocurrency exchange in Kenya, and that they are a tier two member of the Libra Association. This does not make any sense and is only meant to confuse readers.
- The website contains a lot of payment information which is another red flag. It indicates they are only focused on making money.
- Their website is too “salesy.” Words like “investment opportunity,” “invest now,” and “we make your dreams a reality” are obvious red flags.
- Calibra Kenya does not provide a platform for investors to track their investments. That means that once you send them money, you have no way of finding out how your investment is performing. The only mode of contact is a phone number that they could easily disconnect.
Unfortunately, reports of crypto-related scams are increasing as major developments take place in the industry. Similar fraudulent websites also appeared during Telegram’s token sale, for example.
Particl Launches Decentralised Marketplace With Zero Commission Fees
Privacy-focused cryptocurrency project Particl has launched a decentralised marketplace with zero commission fees. The new e-commerce platform is leveraging blockchain technology to compete with the likes of Amazon and OpenBazaar.
Privacy and Zero Commission Fees
The new decentralised marketplace respects user privacy and does not require personal information from its users. The platform only requires a shipping address. Moreover, the decentralised nature of the Particl marketplace ensures that no commissions are added to sales as is the case on Amazon.
According to an article on Big Commerce, fees for sellers can be as much as 45 percent of a product’s cost on Amazon. Particl’s zero-free model, therefore, enables sellers to significantly increase their revenue and lower their prices to stay ahead of the competition while still making a profit.
“Using a combination of P2P and blockchain technologies, Particl Open Marketplace can provide a verifiable private shopping experience that ensures no user data can be created or collected by any party other than the one you are transacting with. The Particl protocol also brings the cost of buying and selling online to the bare minimum as no central entity can charge fees,” said Particl’s Project Marketing and Strategy Manager Paul Schmitzer.
How Particl’s Decentralised Marketplace Works
Particl is uniquely approaching fraud and trade insurance through the use of a double deposit escrow system without intermediaries and with zero fees. This system is based on MAD game theory where two parties deposit PART coins as collateral into a smart contract. Once the transaction between them is complete, the coins are released back to the parties and no fees are charged. This system allows users to be in control of their transactions and to eliminate fraud.
Since the marketplace is decentralised, the protocol generates all listing fees and redistributes them to the global network of users.
Particl is made up of three components: an untraceable multi-purpose privacy coin, a private decentralised marketplace where users can shop with cryptocurrencies, and a platform where developers can build decentralised applications.
Particl allows a wide range of cryptocurrencies and uses atomic swaps and third-party integrations to convert these coins to PART during transactions. The company will soon add more payment options to its marketplace.
In 2018, Bitcoin Africa talked to Particl’s spokesperson Desi-Rae about the project. Read the full interview here.
How Mobile Apps are Changing Sports Betting
Weekly Roundup: Africa’s Cassava Network Partners with UniPass to Expand Crypto Adoption in Africa & More
Weekly Roundup: Kenyan Senate in Discussion with CBK to Legalise Bitcoin & More
Weekly Roundup: South Africa Introduces New Cryptocurrency Standards to Advertising Code & More
ND Labs Launches Crypto Exchange Software Development
Weekly Roundup: African Web3 Mobile Games Publisher Carry 1st Secures $27M in Funding & More
Weekly Roundup: Morocco’s Central Bank Announces Completion of Draft Cryptocurrency Regulatory Framework & More
Weekly Roundup: Nigeria Looking to Legalise Cryptocurrency Usage, CAR’s Sango Coin Postponed & More
Weekly Roundup: South African Crypto Exchange VALR Launches in Zambia & More
Weekly Roundup: Kenya’s Capital Markets Bill 2022 Seeks to Tax Crypto Transactions & More
Features2 years ago
What Happened to “Bitconnect Guy” Carlos Matos?
Press Releases3 years ago
Sikix Exchange Launches with MoonPay as a Payments Partner
Sponsored Posts3 years ago
How to Make Profit Selling Bitcoin in South Africa During 2020
Sponsored Posts3 years ago
UMI Blockchain Ecosystem: Instant Transfers, Smart Contracts, and Profitable Staking
Guides3 years ago
How to Trade Cryptocurrency on Sikix.io
Features3 years ago
RESIST! How Activists Can Use Bitcoin
News3 years ago
Weekly Roundup: Bitcoin Hits New All-Time High, Expert Predicts Africa is the Future of DeFi
News3 years ago
Weekly Roundup: Binance Uganda to Close Up Shop, Gifts Cards “Moon” on Paxful