Showtime, A CBS Inc’s Website caught Mining Monero over the weekend

The flagship Showtime.com and its immediate-access ShowtimeAnytime.com sibling quietly pulled in code that made browsers to blow spare processor time adding new Monero coins a privacy-focused option to the ever-popular Bitcoin. The protected software typically occupied as much as 60 percent of CPU space on computers visiting the sites.

The scripts were signed by Code Hive, a legit outfit that provides JavaScript to website owners: webmasters add the key to their pages so that they can get slivers of cash from each visitor as an option to serving adverts to generate revenue. Over time, coins minted by the Code-Hive-hosted scripts adds up and is given from Coin Hive to the site’s managers. One Monero coin, 1 XMR, is worth about $92 right now.

However, it’s very unlikely that a large company like CBS would smuggle such a piece of mining code onto its dot-coms especially since it requires subscribers to watch the hit TV shows online implying someone hacked the websites’ source code to include the mining JavaScript and make a quick buck.

The JavaScript, which looked on the sites at the start of the weekend and disappeared by Monday, sits between HTML commentary tags that seem to be an insert from web analytics biz New Relic. Again, it is questionable that an analytics company would carefully stash coin-mining scripts onto its consumers’ pages, so the code must have originated from another source or was introduced by miscreants who had endangered Showtime’s systems.

Take your time to comment on this article.

Related posts

Hard-Coded Credentials Vulnerability Found In Kubernetes Image Builder

Critical Vulnerability Patched In Jetpack WordPress Plugin

Astaroth Banking Malware Runs Actively Targets Users In Brazil