Honestly I would never ever execute any code from this guy. He is the inventor/founder behind the coinhive crypto mining network. [1]
This guy made billions illegally [2], and maintained the biggest ransomware crypto coin network for years, by offering the tools and SDKs to fund dozens of cyber war involved agencies across the planet. [3]
I have no idea how he got away with it, because his name keeps appearing in lots of crypto trading companies and trade registries. (Not gonna post them, but you can google his name to find this evidence)
He even organized a doxxing campaign against brian krebs at the time called "krebsistscheisse" via his pr0gramm platform [4] [5] [6], to somehow defend the idea that abusing user's computers for personal enrichment is a legit way of making money if you donate some low percentage to cancer research with it?!?
Sorry, but I would never trust this guy's code again. You should be careful, and audit any code he writes before you execute it.
(Lots of other articles about it, and that dominic szlablewski was the guy behind coinhive, and the original owner of pr0gramm, while still doing development work for the company that owns the imageboard officially nowadays)
I don't know what your personal agenda is, but there's so much misinformation and hyperbole in your comment that I have to assume that this is personal for some reason!?
I've been meaning to write a proper post-morten about all that, now that the dust has settled. But in the meantime, just quickly:
- I did not make billions. You're off by quite a few orders of magnitude. After taxes it was well below $500k.
- Nothing I did was illegal; that's how I got away with it.
- Coinhive was not ransomware. It did not encode/hide/steal data. In fact, it did not collect any data. Coinhive was a JavaScript library that you could put on your website to mine Monero.
- I did not operate it for "years". I was responsible for Coinhive for a total of 6 month.
- I did not organize a doxing campaign. There was no doxing of Brian Krebs. I had nothing to do with the response on the image board. They were angry, because Brian Krebs doxed all the wrong people and their response was kindness: donating to cancer research. In German Krebs = cancer, hence the slogan “Krebs ist scheiße” - “cancer is shit”.
- Troy Hunt did not "snatch away" the coinhive domain. I offered it to him.
In conclusion: I was naive. I had the best intentions with Coinhive. I saw it as a privacy preserving alternative for ads.
People in the beta phase (on that image board) loved the idea to leave their browser window open for a few hours to gain access to premium features that you would have to buy otherwise. The miner was implemented on a separate page that clearly explained what's happening. The Coinhive API was expressly written with that purpose: attributing mined hashes to user IDs on your site. HN was very positive about it, too[1]
The whole thing fell apart when website owners put the miner on their page without telling users. And further, when the script kiddies installed it on websites that they did not own. I utterly failed to prevent embedding on hacked websites and educating legitimate website owners on “the right way” to use it.
I only have access to the trade volume of coinhive's wallet addresses that were publicly known at the time and what the blockchain provides as information about that. How much money RF or SK or MM made compared to you is debatable. But as you were a shareholder of the company/companies behind it, it's reasonable to assume you've got at least a fair share of their revenue.
If you want me to pull out a copy of the financial statements, I can do so. But it's against HN's guidelines so I'm asking for your permission first to disprove your statement.
> Nothing I did was illegal (...) Coinhive was not ransomware
At the time, it went quickly into being the 6th most common miner on the planet, and primarily (> 99% of the transaction volume) being used in malware.
It was well known before you created coinhive, and it was known during and after. Malpedia entries should get you started [1] [2] but I've added lots of news sources, including German media from that time frame, just for the sake of argument [3] [4] [5] [6] [7] [8]
----------
I've posted troyhunt's analysis because it demonstrates how easily this could've been prevented. A simple correlation between Referer/Domain headers or URLs and the tokens would've been enough to figure out that a threat actor from China that distributes malware very likely does not own an .edu or .gov website in the US, and neither SCADA systems.
As there was a financial benefit on your side and no damage payments to any of the affected parties, and none revoked transactions from malicious actors, I'd be right to assume the unethical motivation behind it.
> I did not organize a doxing campaign. There was no doxing of Brian Krebs.
As I know that you're still an admin on pr0gramm as the cha0s user, that's pretty much a useless archive link.
Nevertheless I don't think that you can say "There was no doxing of Brian Krebs" when you can search for "brian krebs hurensohn" on pr0gramm, still, today, with posts that have not been deleted, and still have his face with a big fat "Hurensohn" stamp on it. [9]
As I wrote in another comment, I also said that there are also nice admins on the imageboard like Gamb, and that they successfully turned around that doxxing attempt into something meaningful.
> I don't know what your personal agenda is, but there's so much misinformation and hyperbole in your comment that I have to assume that this is personal for some reason!?
This is not personal for me, at all. But I've observed what was going on and I could not be silent about the unethical things that you built in the past.
To me, doing that lost all trust and good faith in you. The damage that you caused on a global scale with your product coinhive far exceeds whatever one person's lifetime can make up for. And I think that people should know about that before they execute your code and are going to be a victim to a fraudulent coin mining scheme.
Calling this hyperbole and misinformation is kind of ridiculous, given that antivirus signatures and everything are easily discoverable with the term "coinhive". It's not like it's a secret or made up or something.
Your "portfolio page" is quite disrespectful and in line with your behaviour in this HN submission. You've made up too many blatantly obvious lies and are now stooping down to provocating a reaction, because you having nothing better to say. I don't think anyone should trust you.
> Your "portfolio page" is quite disrespectful and in line with your behaviour in this HN submission.
Care to elaborate what is "disrespectful" about my own personal website? How did I offend you, specifically?
> You've made up too many blatantly obvious lies and are now stooping down to provocating a reaction, because you having nothing better to say. I don't think anyone should trust you.
I've cited a lot of news articles, blog posts, insights, even malware databases from multiple globally known and trusted security vendors.
I think Coinhive was really cool and a fantastic idea that was ruined by rogue actors. I love the thought of mining for 20 seconds to unlock reading an article instead of getting out your credit card or even paying with crypto. Completely anonymous payment with zero overhead.
Added some more links/news because I was on the mobile before.
If you google "doxxing brian krebs pr0gramm" you will find lots of other news sources, same as for "coinhive trade volume", as it was the platform that made monero/XMR the biggest cryptojacking platform.
> If you google "doxxing brian krebs pr0gramm" you will find lots of other news sources
I found no doxxing, I read that they organized a fundraiser, donated to cancer research, and even Brian Krebs wrote that “the response from pr0gramm members has been remarkably positive overall.”[1]
If you think that images of brian krebs' face with "Hurensohn" (German for "son of a whore") on it are not doxxing, you must be living in a parallel world.
Not gonna post direct links to this, because of HN guidelines. See the VICE article about it, which still contains some of those images. [1]
What I'm saying is that there was an attempt to doxx Brian Krebs, and the users of the imageboard [2] and Gamb, one of the admins, was turning that shitstorm into a positive thing. [3]
Ok so he basically made a hidden javascript based miner and tools to distribute it.
Couldn't find anything to support the claim that he would have tried to dox Krebs. Also "maintaining biggest ransomware crypto coin network" feels like a dishonest phrasing trying to make it sound like he had something to do with ransomware. Monero was practically never used for ransomware payments back when coinhive was active, and even today Bitcoin is the most used method for ransom payments by far. Monero was simply the most profitable coin to mine with CPU.
That being said I agree that I wouldn't trust any software made by this guy. Even the hidden miner was obviously highly unethical and probably illegal.
> Monero was practically never used for ransomware payments back when coinhive was active
This is a kind of wrong assumption. While I agree that ransomware payments themselves weren't done via monero or coinhive - malware on the other hand (read as: installed viruses/trojans/programs that the owner of the machine didn't consent to) was using it primarily to mine crypto coins.
This guy made billions illegally [2], and maintained the biggest ransomware crypto coin network for years, by offering the tools and SDKs to fund dozens of cyber war involved agencies across the planet. [3]
I have no idea how he got away with it, because his name keeps appearing in lots of crypto trading companies and trade registries. (Not gonna post them, but you can google his name to find this evidence)
He even organized a doxxing campaign against brian krebs at the time called "krebsistscheisse" via his pr0gramm platform [4] [5] [6], to somehow defend the idea that abusing user's computers for personal enrichment is a legit way of making money if you donate some low percentage to cancer research with it?!?
Sorry, but I would never trust this guy's code again. You should be careful, and audit any code he writes before you execute it.
[1] https://krebsonsecurity.com/2018/03/who-and-what-is-coinhive...
[2] 30% fee of monero/XMR went to coinhive: https://coinmarketcap.com/currencies/monero/
[2b] Schuerfstatistik on pr0gramm, where it all started: https://web.archive.org/web/20231005033135/https://pr0gramm....
[2c] Troyhunt analysis after he snatched away the coinhive TLD: https://web.archive.org/web/20240804081830/https://www.troyh...
[3] https://www.trendmicro.com/vinfo/us/security/news/cybercrime...
[3] https://krebsonsecurity.com/tag/dominic-szablewski/
[4] https://krebsonsecurity.com/2019/03/annual-protest-raises-25...
[5] (German) https://www.t-online.de/digital/aktuelles/id_83466874/tausen...
[6] https://www.heise.de/news/krebsistscheisse-Spendenwelle-an-K...
(Lots of other articles about it, and that dominic szlablewski was the guy behind coinhive, and the original owner of pr0gramm, while still doing development work for the company that owns the imageboard officially nowadays)