CBS’s Showtime is the latest site to silently mine the Monero cryptocurrency on the systems of unsuspecting users, part of the recent trend of cryptocurrency miner infections.
It is unclear whether the code was used intentionally by Showtime or put in place by a threat actor. The script was spotted between HTML comment tags that appear to be an insert from web analytics company New Relic, which told the publication it had nothing to do with the mystery code.
“We take the security of our browser agent extremely seriously and have multiple controls in place to detect malicious or unauthorized modification of its script at various points along its development and deployment pipeline,” New Relic’s Andrew Schmitt said. “Upon reviewing our products and code, the HTML comments shown in the screenshot that are referencing newrelic were not injected by New Relic’s agents.”
Schmitt said it appears the code was added to the website by its developers. Showtime declined to comment on the issue.
This method of using silent cryptocurrency miners may be one of the sneakiest ways to accumulate money and is even more secure for the criminal than attacking with ransomware infections, Webroot Senior Threat Research Analyst Tyler Moffitt told SC Media.
Moffitt added that hackers can now make money simply by injecting ads or streaming services to steal processing power and mine cryptocurrency, instead of infecting people with ransomware.
“Coinhive needs to require an explicit opt-in from the end user to run the mining script,” he said. “However, until they do so, criminals will continue to abuse this new technology.”