UFC Website Found Secretly Using Visitor’s CPUs to Mine Monero
Earlier this year, popular torrent index website The Pirate Bay ran a one-day Monero mining script trial to see if it would be a viable alternative to running ads. The script, provided by Coinhive, takes advantage of user’s CPUs to mine the cryptocurrency, and was seemingly so effective The Pirate Bay ran it again later on.
The latest website found to have been running the Monero-mining code was that of a subscription streaming service, Fight Pass, belonging to mixed martial-arts powerhouse Ultimate Fighting Championship (UFC). The code was found by various users, who quickly took it to social media to report on their findings.
Users quickly started contacting the company and showing they didn’t agree with the move, both because they weren’t asked for consent, and because they already pay to access the streaming service’s content. After discovering the mining code with the help of its anti-virus, redditor gambledub stated:
“Immediately upon learning of the reported issue, Neulion, UFC’s over-the-top digital service provider, reviewed the UFC.TV/FIGHTPASS site code and did not find any reference to the mentioned Coinhive java script.”
Yet, as some pointed out, various screenshots of the code were taken, making it clear the code was indeed there, although for a limited amount of time. Most users believe UFC’s website was hacked, as the business rakes in large amounts from subscription fees and pay-per-view events, and wouldn’t likely bother its users by using their CPUs to mine Monero without asking for their permission.
According to CoinDesk, Coinhive revealed that none of the screenshots included the site key, and as such it couldn’t reveal how much had been mined. Moreover, it didn’t notice any new top user on its internal site wide dashboard, suggesting the code was either quickly removed or didn’t affect a lot of users.