Recently, Core Media covered The Pirate Bay’s Monero (XMR) mining experiment, in which the piracy website ran a cryptocurrency miner that took advantage of visitors’ computer resources to mine the privacy-centric cryptocurrency Monero, as a way to experiment alternative revenue sources and, eventually, get rid of ads on the website.
Notably, however, Showtime websites charge users a subscription fee if they want access to their content, which includes original programming, Hollywood movies, and sports. As such, these don’t even need to add ads to their content, let alone run a Monero miner that, according to reports, consumed as much as 60 percent of visitors’ CPU capacity.
As soon as news outlets started reporting on the hidden code, Showtime websites quickly removed it. According to a Twitter user, the code was placed between HTML comment tags that seemingly point to web analytics firm New Relic. Given that CBS had no reason to run the miner, it’s possible that a rogue agent placed the code on the website without both New Relic and CBS being aware of it.
— Bad Packets Report (@bad_packets) September 24, 2017
Another possibility is that Showtime’s systems were compromised and, in an attempt to make money off of it, the hacker simply added the Monero mining code and tried to blame someone else using the HTML comment tags.
Companies refuse to comment
When contacted by Gizmodo and The Register, both Showtime and New Relic tried not to comment on the situation. After being pressed by Gizmodo, a Showtime spokesperson bluntly replied that the company declined to comment.
New Relic did comment on the situation but didn’t add a lot of information. When The Register reached out, New Relic’s Andrew Schmitt stated that security is taken extremely seriously, and added:
“Upon reviewing our products and code, the HTML comments shown in the screenshot that are referencing newrelic were not injected by New Relic’s agents. It appears they were added to the website by its developers.”
Coinhive, protecting the privacy of its users, only stated that a personal email address was used to set up the account the code belonged to, fueling the theory that a malicious hacker compromised Showtime and added the code.
As covered by Core Media, malicious actors are increasingly trying to mine cryptocurrencies at other people’s expense, as over 1.65 million computers were infected with crypto miners this year, while in 2013 the number of infections was of 205,000.