Discussion Bitcoin mining malware.

squintz

Pirate Lord
I think this is something that needs to be addressed.

Is tlopo running bitcoin mining secretly on our computers? Would it be possible? Absolutely. Is tlopo doing it?
Who knows. We can't ignore this problem any longer. Bitcoin hijacking has been going on for a decade. However, with todays ultra stupid insane valuation pricing and new commodity exchange selling contracts in bitcoin that are based on cloud vapor and no one knows who owns bitcoins except a few very rich individuals from before bitcoin went stupid. Due to this development, there is a large rash of fresh malware being used to mine, including when you go to a website, and the software runs in the background while you're visiting and presumably nothing gets loaded to your computer. You would only experience slow navigating.

IF tlopo asks whether we would allow them to run mining while we are online, should we? How do we know Blizzard isn't running mining as well? Or any online for that matter. Wouldn't it be sickening that this crazy bitcoin bubble bursts and it is revealed all online game companies have been running mining programs in their cheat protection codes. After all, we HAVE to run that program to play any online companies games. ALL of them. And this is exactly what valve was doing for a short period UNTIL they got caught. They made it sound like a rogue employee, but the lawsuit proved otherwise. . Didn't tlopo do something with cheat programs lately? Clearly, we all need cheat protection programs for games, but we sure don't need those same programs cheating on us.

It sure would make me mad to find out like since 2010 that I could have been playing at 60 fps or better all the time on respectable low bandwidth instead of the 7 fps I was getting most of the time even with a good connection, while whatever game I was on was running all my resources on a hidden service.
If you've read this far and think I'm a pirate suffering with scurvy, keep reading and then read the few links I supplied. There were many many more.

And if my pirate and profile suddenly disappears for any reason after this post, it wasn't me, but it would be clear I hit a nerve. I make it clear right now, I am not accusing tlopo of bitcoin mining. But if all parties agree, could this be a way for Tlopo to get needed funds. Would Disney allow it. I wouldn't be surprised if Disney is mining with their sites. Just recently showtime and another information site were downloading mining malware without them knowing it. That's another issue, is tlopo hardened against this kind of threat?

I would expect so.
But know this, bitcoin mining hackers are out in force and people better be finding ways to check their systems.
Specially people who leave all their stuff on all night continuously. I don't, never have.
And bitcoin mining is being revealed more and more openly as a machine killer, sometimes burning normal systems up in weeks. I can run the Heaven benchmark burn in program for a week on my system without a hiccup or high temp warning. Mining could kill it in 3 days.

Is this for real scary stuff? You bet your pirates butt it is.
Don't take my word for it. I think this is going to get worst before it gets better.

Bitcoin mining has been going on since 2009 and Online gaming companies have been caught using your computer to mine bitcoins without your knowledge while melting your gpu and you would not know why.

Esea back in 2013 was using mining software in their mandatory cheat code program that everyone had to download or could not play.

https://www.pcgamesn.com/counterstrike/esea-served-class-action-lawsuit-over-bitcoin-malware-scandal

http://www.malwareremovalguides.info/trojan-bitcoinminer-removal-guide/

https://themerkle.com/top-3-types-of-bitcoin-mining-malware/

https://www.cryptocoinsnews.com/new-malware-mines-bitcoin/

This is for informational purposes only and I have NO affiliation with or liabilities for or have vetted any link. Do anything from these sites at your own risk.
 
Last edited:
I think this theory is a little far fetched... Sure, bitcoin mining is a thing, and yes some websites have been found to be doing it, but I honestly doubt that TLOPO is one of them. I've monitored my system information a lot back when the memory leak with the audio engine was an issue, and still monitor my rig while I play. There is absolutely no indication that there is a TLOPO-run program mining bitcoin on my computer. No GPU stress spikes, no spikes in my CPU load, no strains on my RAM, nothing. TLOPO runs just like all the other games on my computer, normally. Again, yes, I'm aware that hijacking peoples computers for mining bitcoin has been happening, but I really don't think that is going on with TLOPO. I couldn't find a sliver of evidence if I tried. The day I start seeing crazy spikes and loads on my system, I'll give it some though, but in the mean time, I don't buy it.
 
I think this theory is a little far fetched... Sure, bitcoin mining is a thing, and yes some websites have been found to be doing it, but I honestly doubt that TLOPO is one of them. I've monitored my system information a lot back when the memory leak with the audio engine was an issue, and still monitor my rig while I play. There is absolutely no indication that there is a TLOPO-run program mining bitcoin on my computer. No GPU stress spikes, no spikes in my CPU load, no strains on my RAM, nothing. TLOPO runs just like all the other games on my computer, normally. Again, yes, I'm aware that hijacking peoples computers for mining bitcoin has been happening, but I really don't think that is going on with TLOPO. I couldn't find a sliver of evidence if I tried. The day I start seeing crazy spikes and loads on my system, I'll give it some though, but in the mean time, I don't buy it.
The theory about online gaming doing this is a fact. The court documents prove one well known game company had done it. It would be silly to think other online gaming sites haven't considered bitcoin mining to add to their coffers. Whether tlopo runs bitcoin mining IS a theory. And I hope it stays a theory. But IF tlopo is interested in using some of peoples bandwidth to do bitcoin mining, then I would hope they have the decency to ask for our permission. Valve didn't.
BTW- newer malware runs in root and WMI-SB1-2-3 services and doesn't show up in the normal users ability to look at their processes.
That's not a theory either. This is a real problem and is just now getting the attention it deserves from the general public who are waking up to it.

Another problem, is the proliferation of so-called bitcoin mining removal sites. A huge amount of them are fake and are either giving you worse viruses and backdoors as well as malware you're trying to eradicate. This isn't a new thing however, it's surfer beware. Hot button attacks always bring phony help sites.
 
TLOPO already walks a fine line with Disney when it comes to profiting from their intellectual property. I am sure that they would not make it even harder on themselves by doing something as ridiculous as this. They have stated before that TLOPO will always be entirely free and they have done nothing since to elicit any suspicion as to where they stand.
As they say, "anything is possible", but that does not mean that everything is likely to occur. I would categorize this as one of those highly unlikely possibilities. Extremely improbable.
 
The theory about online gaming doing this is a fact. The court documents prove one well known game company had done it. It would be silly to think other online gaming sites haven't considered bitcoin mining to add to their coffers. Whether tlopo runs bitcoin mining IS a theory. And I hope it stays a theory. But IF tlopo is interested in using some of peoples bandwidth to do bitcoin mining, then I would hope they have the decency to ask for our permission. Valve didn't.
BTW- newer malware runs in root and WMI-SB1-2-3 services and doesn't show up in the normal users ability to look at their processes.
That's not a theory either. This is a real problem and is just now getting the attention it deserves from the general public who are waking up to it.

Another problem, is the proliferation of so-called bitcoin mining removal sites. A huge amount of them are fake and are either giving you worse viruses and backdoors as well as malware you're trying to eradicate. This isn't a new thing however, it's surfer beware. Hot button attacks always bring phony help sites.
While I understand that malware is evolving, as to not show up in "normal users processes" I consider myself, at least a slightly advanced user, and I never said I just monitored processes. I have programs that monitor CPU and GPU loads, speeds, and temperature. I also monitor my system with those programs, alongside standard task manager. Again though, as mentioned in the previous reply, this theory is highly unlikely
 
Toontown projects have been accused of having bitcoin miners in there code; But TLOPO being one of the only prominent recreation of POTCO it's highly unlikely they have a bitcoin miner; but then again it's possible, but they probably don't.
 
When it comes to both computers and a desire to make $$$, just about anything is possible (according to someone's will and greedy desire). As with most things online, the challenge becomes in how it can be proved.

Given with at least the ex-POTCO pirate developers I know whom are facilitating the progress of TLOPO, I highly doubt they either have the desire nor the time towards "pulling the wool over other people's eyes."
 
Mining on home PCs hasn't been profitable for months, maybe years, even GPU mining.
Someone doing it on their own machine in the basement, may not be, but mining on other peoples PC's is. Maybe not fabulous, but profitable. Because they aren't paying for the energy or equipment cost and repair.
 
Mining on home PCs hasn't been profitable for months, maybe years, even GPU mining.
Tell that to Minecraft! Diamonds are certainly profitable...

But seriously though, what made you think TLOPO could potentially have bitcoin mining software embedded in it?

Is tlopo running bitcoin mining secretly on our computers? Would it be possible? Absolutely. Is tlopo doing it?
Who knows. We can't ignore this problem any longer.
I'm just going to put this bluntly: You sound paranoid... I highly doubt TLOPO would run a bitcoin mining op on our computers, since of the very thin red line with Disney. Sure that may not stop some, but the devs and other TLOPO staff I know don't seem like the type that would care about bitcoin at the moment, or else they are very, VERY good at hiding their mining operation...

Though if someone at TLOPO is mining some internet gold, send some my way! It'd be much appreciated!
 
The amount of "blind" supporters is... Scary. I'm not taking sides, I'm not saying that they have embedded a miner, I'm not saying they didn't. But saying "they haven't" without an ounce of doubt is absurd. Have you considered that not all people want to just help like that out of sheer loyalty to POTCO and the community? Or at least not completely?? Jeez guys, next time at least take the alternative opinion into consideration.

Unless they release the source code, which I highly doubt they would, there's no way we can find out if there's a miner running.
Like @Davy Darkrage said, play at your own risk.

P.S. : Just monitoring your loads and/or looking at running processes is FAR FAR FAR from enough to find out whether a miner is running. (In this case only, if we assume that the TLOPO team have done that)
 
Last edited by a moderator:
Just have to tag in and say something. As someone who has run legitimate CPU miners before, you absolutely would know. CPU miners are inefficient and use quite a bit of available CPU time. The CPU in result will run hotter and you'd most likely run into issues if you tried complete normal tasks as most of your CPU is being used by the miner. Davy is correct when he said
No, TLOPO doesn't contain any embedded Bitcoin miners or any other malware.

You would notice rather quickly if it had a CPU miner embedded. And if anyone suggests it would have a GPU miner in place, it doesn't. You would notice that too. If you run MSI Afterburner to look at GPU usage, if you run TLOPO while its running it doesn't hit anywhere near 100 if at all for very long. If it had a GPU miner built into it, your GPU usage would be pegged around 100% and your card would be running hot as well.
 
@Rich Fireskull
I don't know why half of your comment is about a CPU miner. CPU mining became obsolete long time ago. And while yes, regular miners that you choose to run yourself do try to take the most out of your machine, people with malicious intents, who embed miners into everyday software work their way around to not get caught. They are not that stupid, they won't try to squeeze every single bit out of your machine. They know you would notice the loads. It would involve a lot of work though.

I've used software and visited a website which both happened to have a miner embedded, never really noticed it until it was exposed on our national news. The loads were quite normal, nothing suspicious, nothing that obvious to indicate a whole miner running. Especially with the website, since nowadays web development is more about being extremely inefficient as developers have their very high-level abstractions as top priority. You just wouldn't expect the problem to come from a miner, rather than a crappy developer. But I digress. Don't underestimate people with malicious intents, they are not stupid, they want to profit and be unnoticed.

P.S. : I'm not accusing the TLOPO team, I'm just saying : let's not throw out alternatives immediately like that.
 
Last edited by a moderator:
To be honest if I had that kind of range I'd much prefer to get in on altcoins instead. You know, IOTA, maybe Ripple. I think they'll skyrocket in the coming year. Sounds like a good time.

I'm kidding. Mining will almost never be as profitable as investing yourself, and these clever developers would have figured that out by now if they had ever implemented a miner, which I don't believe to be the case. Wouldn't be very profitable if they kept it FUD anyways.

Your concerns are valid, but this team has too much to lose. Beyond the inevitable Disney lawsuit their work would go down the drain immediately. Sounds like a bad time.
 
You'd notice that when you run a miner your GPU activity spikes up rapidly. And TLOPO isn't much of a high demanding game. So you'd notice right away.
Not really any more. Falco is right that mining malware has come a long way. The malware now is designed to work discreetly in the background systematically and not draw attention. The mining scalawags are creating volume in the sheer number of machines doing less demanding work on your system secretly. There's no reason to take over a machines resources fully or cause notable slowdowns. You would probably see more unusual activity in your network/isp traffic. If you have a good network tracker and you have everything shut down browser wise and there's still some activity it may be something in the background calling home. After all, the software has to report its work sometime.
It's also probably safe to say that most of the recent mining software, like from web sites works in your ram and doesn't really utilize the hard drives in any heavy way. There's the mining software you install, and there's the malware others install and they really are different in their execution.

With more than a few large gaming companies now being found out about having mining code in the game, instead of making the community wonder if it's happening here, why not embrace it? Why not think out of the cargo box and actually set up some sort of non demanding type of mining that borrows a few resources while one is logged in. Why not have a discussion with the community to see what they think of the idea where tlopo could with permission have their safe mining in operation and it could be some sort of subscription income service where it's only costing us cpu/gpu resources. We would be supporting Tlopo indirectly that way. If this could be done without adding noticeable lag and nothing added to the resource process beyond like turning on a higher anti alias or something. And only when logged in, no other time. I would seriously consider something like this. Of course, the disclaimer would need to be worded that if bitcoin completely crashes the software would be removed from the client.
Just a thought.
 
Back
Top