Feeds

Gaming app ENSLAVES punter PCs in Bitcoin mining ring

Some secret software to go with your deathmatch, sir?

Providing a secure and efficient Helpdesk

A competitive gaming company has admitted that for two weeks in April its software client was hijacking league members' PCs to mine Bitcoins.

In an eyebrow-raising turn of events, the company, ESEA Gaming, admitted on Wednesday that its software client had been running Bitcoin-mining algorithms on customer PCs since April 14, generating over $3,700 worth of the virtual currency – not to mention a likely uptick in the electricity bills of the unwitting punters whose graphics cards' GPUs been forced to mine the virtual currency.

ESEA is a competitive gaming company that lets paying punters play various video games competitively, with the chance of a cash prize as they rise through the ranks. It uses a bespoke software client to prevent cheating, and it was this software client that was loaded with Bitcoin mining routines.

The Bitcoin mining software had been originally rolled out in a test on ESEA Gaming admin accounts, the company's co-founder Eric Thunberg explained in a forum post using the handle lpkane. But the test didn't generate many Bitcoins (two in two days) and was shut down – or so Thunberg thought.

In fact, the miner wasn't shut down. Rather, it was rolled out across ESEA's entire user base.

An ESEA employee who was involved in the tests "has been using the test code for his own personal gain since April 13, 2013," the company wrote in an official statement on Monday. "We are extremely disappointed and concerned by the unauthorized actions of this unauthorized individual. As of this morning, ESEA has made sure that all Bitcoin mining has stopped. ESEA is also in the process of taking all necessary steps internally to ensure that nothing like this ever happens again."

The program used player GPUs to perform the complex mathematical operations required to mine Bitcoins, and generated 29.27627734 Bitcoins for the ESEA employee.

ESEA became aware of the Bitcoin mining after concerned users made posts to the forum complaining of high GPU utilization, even when idle.

The unauthorized two-week long spell of mining apparently took Thunberg by surprise, who wrote in a later post to the forum:

as of the client update released in the last hour, all the btc stuff is out which should solve the gpu and av warnings, and in a blatant attempt to buy back your love (and less likely your trust), i'm going to do the following:

1. 100% of the funds are going into the s14 prize pot, so at the very least your melted gpus contributed to a good cause

2. every user who was premium this month will get a free one month premium code which they can use whenever and for whomever they like, and you'll find the code under manage accounts -> premium codes

Along with the prize pot, ESEA gaming is also donating double the value of the mined Bitcoins – $7,427.10 at current market rates – to the American Cancer Society.

"While it's incredibly disturbing and disappointing that this happened, we’re committed to improving ourselves and rebuilding trust with our community," the company wrote.

The case serves to highlight how the virtual currency's recent dramatic rise in valuation relative to the US dollar has attracted speculators, chancers, and criminals in droves. The ESEA case follows the re-emergence of Bitcoin-mining malware earlier in April, along with a variety of other money-grubbing squint-and-they're-legal schemes.

"If we had found out on our own that the miner was running we would have killed it anyway because a) we'd already decided it wasn't worth it, and b) there are far less shady ways to make money," Thunberg wrote in reply to a forum user. ®

Choosing a cloud hosting partner with confidence

More from The Register

next story
SMASH the Bash bug! Apple and Red Hat scramble for patch batches
'Applying multiple security updates is extremely difficult'
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Who.is does the Harlem Shake
Blame it on LOLing XSS terroristas
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
Stunned by Shellshock Bash bug? Patch all you can – or be punished
UK data watchdog rolls up its sleeves, polishes truncheon
prev story

Whitepapers

A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.