US premium cable and satellite television network Showtime was the latest site to be embarrassed by the discovery of scripts on their websites that secretly mined cryptocurrency with user computers.
The Javascript application Coinhive was found running on showtimeanytime.com. Users who visited the site’s homepage would trigger the script through their browsers, which would then begin tapping into their computers’ CPU to mine cryptocurrency.
Users first discovered the presence Coinhive on several Showtime websites as early as September 23, taking to Twitter to report what they suspected as a possible hack.
But as some observers pointed out, the script showed remarkable similarities to those used especially by torrent and streaming sites such as Piratebay. After reports of Showtime’s move emerged on several news outlets, the media company finally removed the script over the weekend, declining to comment on the incident.
Since May, several sites and services have issued public apologies after being caught red-handed by users. Users have taken issue with the fact that these scripts were introduced without their prior permission.
The Coinhive script was designed as an alternative revenue stream for websites unwilling or unable to support their operations with advertising. Currently, it mines Monero and keeps 30% of the returns from clients. Several popular crypto faucets such as moonbit.co.in and freebitco.in have already offered users an option to allow similar scripts to mine in the background in exchange for higher faucet rewards.
Coinhive themselves issued a statement on their blog reading: “We’re a bit saddened to see that some of our customers integrate Coinhive into their pages without disclosing to their users what’s going on, let alone asking for their permission.”.
This current string of incidents is reminiscent of gaming company E-Sports’s scandal and public backlash when it was discovered to have secretly used players’ computers to mine Bitcoin in 2013.