CBS Corporation subsidiary’s official websites Showtime.com and ShowtimeAnytime.com were found rigged to mine cryptocurrency Monero.
These websites were found to include the Coinhive code which uses guests’ CPU power in order to mine cryptocurrency.
Two official TV giant Showtime websites were forged to secretly use guests’ Web browsers. Bad Packets Report announced that in two official websites belonging to Showtime TV, Showtime.com and ShowtimeAnytime.com, were found to include the Coinhive code.
Once SkensNet on Twitter posted that websites have cryptocurrency miner in their source code, the controversial code has disappeared. However, how exactly the code disappeared, by itself or if Showtime removed it, is not known yet. In addition, Showtime refused to comment the incident.
Meanwhile, Bad Packets Report explained:
Once a user visits the website, they unwittingly start mining the cryptocurrency Monero This can put a tremendous load on the CPU of anyone who visits a website with the Coinhive miner on it.
It was found that software used approximately 60% of all visitors’ CPU capacity.
The Register reported that it is not likely that the Coinhive code was added intentionally by Showtime or CBS, more likely attackers hacked into these sites and used them for their own malicious purposes.
So far, The Pirate Bay also was found to include the Coinhive code but the code was removed.
The Pirate Bay reportedly said in a statement “As you may have noticed we are testing a Monero Java script miner. This is only a test. We really want to get rid of all the ads. But we also need enough money to keep the site running.”
Websites are unlikely to make more money using the Coinhive code and mining cryptocurrency as they can make running advertisements. However, the profit gained using the controversial code is not bad. Torrent Freak indicated that a website that generated 30,000 visitors on a daily basis can make about from $500 to $600 while running the miner only at half of its power.
Meanwhile, the Coinhive code group, cryptocurrency miner provider is not happy that attackers use the miner for their own benefits without having user permission:
We’re a bit saddened to see that some of our customers integrate Coinhive into their pages without disclosing to their users what’s going on, let alone asking for their permission.
In addition, the company also works on their most recent implementation which asks for a consent from site guests in order to run it.