I recently noticed rather a lot of tracking urls on one of your sites. I did some digging and they didn’t generally seem to be good things, various references to it possibly being malware or PuP.
Well after way too much digging the problem was being caused by a snippet of code from 33across dot com. They do a thing which tracks when people copy and paste off your site which I’d been testing on a couple of sites, and the same code got inadvertently copied to a couple of sites to other sites through reusing parts of themes.
These were the main domains I which were being called:
Well apparently this code seems to add a bunch of tracking and potentially not so great urls, *maybe* also with the ability to redirect occasional visitors? dunno. Either way it’s gone now and solved the problem.
When I was looking there was lots of mentions of things being potential malware but the 33across connection was never mentioned and nothing about this *seems* malicious so far but who knows what I’m not seeing.
Although the stuff in the links below seems to be a slightly different thing, namely some sort of installed malware (but also related to bluekai.com), that the domain tracking stuff on my site is even slightly associated with that isn’t what I’m looking for, so it had to go:
So a few little updates on the crypto-radiator (see previous post HERE) …I’ve had quite a few bits and bobs going on with cryptocurrencies in general recently and partially inspired by Monero’s recent run to over $100 I had some ideas for how to improve the efficiency of the system.
So far it’s been mining on the CPU only, which outputs about ~60Hashes/sec (H/s), clearly not gonna be profitable but the more I’ve thought about this, the more it’s highlighted the importants of the “primary reward” as a factor.
By that I mean – if you’re purely mining crypto to make profit then you have quite a tricky task, and you end up in quite a precarious position since if your system isn’t profitable (which can happen at any moment) you’re shit-outta-luck and potentially thousands of $$ in the hole.
However if your primary reward is *heat*, and you’re only using mining crypto as a way of recouping some of that cost, the situation looks a lot more favourable…since heating is something you’d have to pay for anyway, and if you can get it significantly cheaper then you’re winning, even if it fluctuates a bit.
So as you probably know by now know I take quite an interest in the actual techniques scammers use in their various endeavours. Systems like ebay and amazon go to quite some lengths to prevent scammers but I find it fascinating how some still manage to sneak through.
Today’s example is this seller Stelfox1973. For argument’s sake let’s call him Michael Fraser. Here’s his ebay profile:
So just a little update re the crypto-radiator – I’ve since got the TEMPer USB thermal probe working on the machine and have set it to log temperatures.
There is however a slight issue in that the usb ports are on the back of the machine and that’s also where the warmed air comes out , so the heat from that does affect the reading from the TEMPer device somewhat, which means the temperature reading can’t really be relied upon to be entirely accurate.
Just found this wordpress penetration-testing tool – looks pretty handy, especially since it seems to have some follow-up tools to do stuff once you’ve gained access. Another one for the testing arsenal!