dMania is online again, more or less

in dmania •  2 years ago 

This wasn't a good week for dMania, not at all. Three days ago a mining script got onto the website. I tried to find out how it got there, but couldn't find the problem and decided to take down the website. Before that, some people had problems accessing the website. Then I had problems getting everything up and running again. All in all, a lot of shit happend at once. The project hasn't had any problems like that since the beginning. It was definitely a busy and exhausting week for me 😢.

I have analyzed all libraries and found no reference to a mining script. I checked all the code for XSS vulnerabilities, but found none.  I checked if the server was compromised, but found nothing. The files on the server were exactly the files I have uploaded.
I have a javascript file with the injected mining code that I got from the browser. The file contains some obfuscated javascript and webassembly code that runs the miner and was attached at the end of the original file. I couldn't find any reference to the source.

How did the mining script get there?

Since I have taken down the website the miner hasn't shown up again. I couldn't identify the cause of the mining script, but it is gone for now. At the moment I have only a theory how it got there.
I think the mining script got injected from dMania's domain provider Njalla. Njalla is a relatively new and unknown domain provider run by Peter Sunde, co-founder of PriateBay. PirateBay has injected crypto miner without telling their users before ->
If Njalla is actually a malicious domain provider, they could have done a MITM attack and inject the mining script.
The miner hasn't shown up since and I couldn't verify my theory yet. What I know is that something is wrong with Njalla. Several users couldn't access the site this week, because there was something wrong with the DNS entries. The SSL certificate wasn't renewed as it should have been and atm I can't renew it for

Maybe it is far fetched, but from all the things I have seen it would fit. Maybe I am just getting paranoid because I didn't get enough sleep the last few days 😅 . It could just be some other vulnerability that I haven't found. At least everything looks fine for now and there is no mining script on dMania.

New domain for now

Because of the issues with the domain provider, I have created a new domain ->

I am transferring to a new provider, but it will take a few days.  Atm works, but doesn't. I know that breaks the Steemit links to dMania. I will try to fix it as soon as possible.

Until everything is back to normal, the bot won't upvote. I will start the dMania bot when I know everything is up and running again.

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!
Sort Order:  

it must have been hectic days, good work @zombee You are Appreciated

Awesome update @zombee Get yourself some well deserved rest ! And best of luck to you moving forward ! Im looking forward to the return of dMania ! upped and resteemed 👍👍👍😀


Thanks a lot for the update @zombee, dmania is an awesome project and I can see you care deeply. Best regards 26d4dj.jpg

The important thing is Dmania is back.Problems will come but we have to go forward.I hope Dmania will be even more successful.Thanks for sharing with us.

thank you @zombee

Oh good news, what happened with dmania? I waited for dMania. Thank you @zombee for sharing this good news. Welcome to back again @dmania.

Definitely a busy day, nice work @ zombee, I love it you are appreciated

really great job and i ever respect a man like you @zombee

I'm glad you find the solution to run dMania again. Hopefully everything will be OK soon.

Good work! You are really doing great job! @zombee

Thanks You @zombee

Good work @zombee

Great work @zombee by protecting @dmania from such malicious script . And also thanks for in-detail explanation of it . I appreciate your transparency . HATS OFF MAN ! !

You have a minor misspelling in the following sentence:

All in all, a lot of shit happend at once.
It should be happened instead of happend.

I had a good wish from Dmania. The news is good. Thanks. @zombee

Is great for dMania is coming.

I can’t login at

When I try to, a page starts loading, but a few seconds later I’m bounced back to

Safari on an iPad, if that’s relevant.

But I was able to login with Safari/iPhone. Wierd.

Very nice view about smartcash. It's going to make much progress and move on to better.

These days the world of social networks has been in danger, I would like to have the solution but it is difficult, I know that we are more good, better times will come.

Thanks for being so committed, I had already started losing hope, thanks for showing you care by letting us know what's going on

Although I'm really not alarmed and encourage voluntary consent to sites' using mining scripts, I'm very impressed by the way this was handled.

I've done some penetration testing before. If you add me on discord then I'll happy to give you advice. I can point you to some stuff to read.

Problem ? Solution. That's how things work.

@zombee for president.

I can open in browser,but when I try to log in I am getting unsecure network failure..
Thank you for all the hard work and lost sleep!
waiting patiently for return of service.

and I have no tech skillzs... ;-)

Can someone help me, I cannot get on Dmania, does anyone know why.
review product freely - - Gmail - Google Chrome 3_25_2018 6_55_37 PM.png

Is that the old one? Now it's

They changed the server? no wonder I couldn't get on. Thanks!

Hey Zombee! I appreciate your commitment, this things happen and will only make dmania stronger! As a supporter for dmania I never doubted your honesty or the potential that dmania has, and I believe the vast majority of supporters think so too

Good advice thank important for all

Doing good work dude

take some rest @zombee hope everything will fine. best of luck

Thanks for your hard work to make our platform clean... I can imagine what you were feeling last few days and how you are tired... it is not easy! Good luck for new domain... Thanks again @zombee. Up to us now to make the dMania GREAT with all meme lover folks!

it's a very good news for us. welcome and wish you good luck. we are always with @dmania

You are awesome.

Keep doing good work.

I noticed the dMania Bot seemed to be working, but has stopped working now for over 12 hrs . Looking forward to when its all up and running good again ! keep up the great work !😀😂👍👍👍

The bot works fine, it just doesn't post comments anymore. The comments of the bot were flagged by certain users. That's why the dMania account has a reputation of zero.
Most posts on the Hot page on dMania had a bot comment and the bot comments became unnecessary.
The memes about the bot were also really annoying.

Yes I noticed that your not useing the Bot like before , im refering to the fact that its been over 14 hours or so now that no one has been upvoted by "dMania" the hot page has not changed maybe you should check into it . thanks for your reply !
Last upvote was just a while ago. The hot page is updated if you refresh the page.

Yes i refreshed the page several times. maybe its back working now but for ten hours I dont see anyone was upvoted . just wanted you to know about it thats all . good luck ! maybe im on the wrong dmania site i will try the link you just posted .thanks !

it won't let me log in using Steemconnect. I get a "secure connection failed" page.

Post in English please so everyone can understand it.


@zombee this is awesome rewarding platform after @steemit.
@dmania is very well performance platform.

  ·  2 years ago (edited)

@zombee, I have been delegating SP to the dmania voting bot for quite some weeks. I have supposedly recieved $1.5 up to now, but I've never been sure of where this gain is actually reflected. Could you clarify this to me?

And assholes cause it.