I have definitely not installed any mining script on dMania and the site wasn't compromised.
It makes absolutely no sense that I would run a mining script on a small website like dMania. The rewards for that would be almost zero and I would lose all trust of the users.
That would endanger the whole project and everything I have worked for the last 6 months.
The only way that is possible is that some third party library has included a mining script somewhere. I am going to investigate and check if it's true.
dMania uses a lot of libraries that could potentially include a mining script with a new update without my knowledge. That's the only possible explanation and could potentially happen to any website.
Update
Apparently there was actually running a crypto miner on dMania without my knowledge. It was probably included in some external library in one of the last updates. I have updated all external libraries and the miner is gone.
I want to clarify that I had nothing to do with this. Projects like dMania use hundreds of libraries. Those libraries can potentially include a miner in a new update. I am now checking the code for that before every update so that won't happen again.
Update 2
Ok looks like the problem is not resolved. Atm I have no idea whats going on and how the miner gets onto the website. I took down dMania to protect the users until I fix it. ( dMania-bot is also down and won't upvote anything).
dMania will be online again when the problem is resolved.
I think you’re a fucking scammy liar. @dmania is going DOWN.
You are actually helping the people by downvoting dmania, to get them more votes. Because the dmania comment will not be shown and people will think, its such a nice meme that they will upvote it :) You should rather downvote the posts of those people who you think are copy pasting.
kys fagg
that site doesn't work, and you are running coinhive however it got there I don't know.
Where was the miner? How did it get there?
Thanks for responding. We have many confirmations it IS mining from @themarkymark, @netuoso, @andybets, @drakos and myself.
Find it and kill it, would be my suggestion.
Dmania is useless why would i share my rewards with your platform when i can just post a meme directly to steemit?
Because there is a chance of a 40$ upvote from the bot that you cant get if you post directly to steemit. But take in consideration that only quality memes can get the votes so you might want to post them to steemit after all. Your attitude is toxic, gtfo.
I find your reply to accra unpleasant and wrong. I too had wondered and now I know I must stay far from all posts using dmania, since you react so violently to a simple question. I suppose you are now going to flag me also...
@zombee does runicar really represent your attitude to questions being asked? I also think that responding this way, with sarcasm and flags, at the time you have just been found to be in the wrong, even if unwittingly, is not good marketing.
You really shouldn’t be using hundreds of libraries. It’s a bit wasteful from a resource standpoint, opens up the site to vulnerabilities, and makes updating a pain.
Thanks for the update. Crisis averted. Good work. Good response.
What virus software do you use? I'm impressed by that catch!
Cg
@introvertspeaks the truth
and you find out here? is making the corrections for this post, I think you should be more careful with this ,,,,, thanks to the friend @ sirirk for such important information ,,,
I appreciate your response and update @zombee, but can you also answer @heimindanger question? Thanks
Here's my little 100% UV
THANKS for the Quick Response!
@sircork
U, MY GOOD SIR, ROCK!
Not buying it, what was it included with?
Will you share some details! So other small operators who care about it can also try to avoid these hidden miners!!
I go with the library theory. It is not the first time I see something like this happen, especially with crypto-related sites. It is vital to have the proper security software installed for detecting this kind of things.
we love you big chef. Let's vote for a party.
Damn @zombee after the bernie post one would think that you would make sure to keep a clean house. I think most DO THINK that you put that there knowingly too. This is not good. You're hurting your existence.
You need to refresh on Dmania.
It's the shanty town of steemit man.
The consensus of most users in these comments is that it's sloppy that it got there, but probably not intentional. That said, it is a case of trust but verify, so we'd still like to know what library and how to avoid this in other applications likely to be using the same libraries for this sort of steem connected site.
It seems intentional with a cop out excuse. The name of the external dep that did this ? Coinhive.
You're a good guy @sircock
lol kidding but I swear I thought that was your name at first glance.
And @netuoso you should be clear and let people know that you want @zombee to fail because you present an alternative on the meme creation front. Nothing wrong with wanting your competition to fail but you should be clear on that.