Secret Bitcoin mining code added to e-sports software sparks outrage

This story was first published by our friends at Ars Technica. You can read the original version of it here.

Competitive video gaming community E-Sports Entertainment Association secretly updated its client software with Bitcoin-mining code that tapped players’ computers to mint more than $3,600 worth of the digital currency, one of its top officials said Wednesday.

The admission by co-founder and league administrator Eric ‘lpkane’ Thunberg came amid complaints from users that their ESEA-supplied software was generating antivirus warnings, computer crashes, and other problems. On Tuesday, one user reported usage of his power-hungry graphics processor was hovering in the 90-percent range even when his PC was idle. In addition to consuming electricity, the unauthorized Bitcoin code could have placed undue strain on the user’s hardware since the mining process causes GPUs to run at high temperatures.

"Turns out for the past 2 days, my computer has been farming bitcoins for someone in the esea community," the person with the screen name ENJOY ESEA SHEEP wrote. "Luckily I have family in the software forensics industry."

About five hours later, a separate user posted evidence of the ESEA software client included the Bitcoin code. The user also provided instructions showing how other ESEA players can check to see if their computers are running the secret program.

A few hours later, Thunberg published his own post disclosing that ESEA software had included the Bitcoin miner for a little over two weeks and deposited a little more than 29 BTC into three wallets under the control of ESEA officials. The digital currency was regularly converted into US dollars and netted a total of $3,602.21 as of Wednesday. The figures were in stark contrast to an earlier post that said the Bitcoin code ran only for a few days and generated only about $280 worth of bitcoins.

"So first the bad news, this is way more shady than I originally thought, and as the person who is ultimately responsible for everything it’s 100% my fault," Thunberg wrote in the later post. He went on to say the ESEA client software had been updated to remove the mining code and that all of the money generated by user machines would be put into a prize pot. He also agreed to give users of ESEA’s premium service one free month. 

Image credit: cibomahto

As many Ars readers already know, Bitcoin mining is a legitimate activity when carried out by informed people using their own hardware and electricity. The "proof-of-work" tasks required to generate the digital coin improves Bitcoin security by adding transaction records to the public ledger of the currency. But because the mining process is extremely system intensive, a cottage industry has sprung up that uses malware to harness the computing resources of unwitting victims.

Thunberg’s admission that ESEA ran Bitcoin-mining software without explicit user consent is startling. Aside from potentially opening the company up to huge legal liability, the move is likely to engender distrust among some of the company’s most loyal fans. The nonchalance of some of Thunberg’s comments may only add insult to the betrayal many users are likely to feel.

"But for the record, I told jag he shouldn’t be lazy and run the miner in a separate process," he wrote in a post, referring to one of his software engineers with the screen name Jaguar, who didn’t take steps to conceal the Bitcoin miner. "Rookie move." In the later post he wrote: "100% of the funds are going into the s14 prize pot, so at the very least your melted gpus contributed to a good cause."

While the comments may be intended to be playful, they also suggest a lack of contrition on the part of ESEA. Sneaking GPU-intensive code into client software represents a serious breach of trust, and so far company officials—who didn’t respond to Ars’ request for an interview—have yet to publicly acknowledge the uphill battle they face in repairing the damage.

Update:

ESEA has published a post titled "Bitcoin Fiasco" that apologizes to users and attempts to explain how the secret code was added. The code was initially folded into a version of the client used by two consenting admins and after brief testing officials decided to scrub the beta trial. The post continued:

On April 13, 2013, after the initial tests, ESEA informed those involved in the test that we were killing the project and they should stop using the beta test. It came to our attention last night, however, that an employee who was involved in the test has been using the test code for his own personal gain since April 13, 2013. What transpired the past two weeks is a case of an employee acting on his own and without authorization to access our community through our company’s resources. We are extremely disappointed and concerned by the unauthorized actions of this unauthorized individual. As of this morning, ESEA has made sure that all Bitcoin mining has stopped. ESEA is also in the process of taking all necessary steps internally to ensure that nothing like this ever happens again.

The post went on to say the amount generated by the sale was $3,713.55. ESEA will be donating it to the American Cancer Society and will match 100 percent of it for a total of $7,427.10.

Comments closed
    • DrCR
    • 6 years ago

    If it was really a rogue employee, why is it not clear he is terminated and criminal proceedings are being brought against him?

      • d0g_p00p
      • 6 years ago

      LOL, criminal for what? Would be very hard to bring up charges.

    • no51
    • 6 years ago

    Reminds me of what was happening at this one place I worked at. I was wondering why idle proc usage was so high, and it turned out someone in IT was folding on the workstations. I don’t know if it was authorized or not.

    • floodo1
    • 6 years ago

    Seems like ESEA handled this well. Rogue employee does something malicious and they try to make it right. Not sure what’s up with the “rookie move” comment, but everything else seems on the up and up to me. Obviously they need a couple more layers of checks between one employee and release builds, but e-sports isn’t exactly fortune 500 so live and learn.
    I would have been pissed if I had found this on my machine, especially if my room turned into a jungle from all the heat they were generating on my 100,000 core + quintuple Titan pron rig, but when they respond like this giving me a free month of service and donating the money to the players……hard to stay pissed I think 🙂

    I watched similar hater rage happen with GOMTV over the WCS championship changes for the GSTL this year, but like good people, good companies should be allowed to make mistakes if they will admit fault and make things right….nobody is perfect and if they are really trying to, you know, NOT FUCK THEIR CUSTOMERS then it’s only right to tolerate a road bump or two along the way.

      • cjava2
      • 6 years ago

      The good ‘ol “rogue employee” excuse. I’ve seen that one used numerous times to cover up the actions of those higher up.

      Don’t be that naive.

        • MadManOriginal
        • 6 years ago

        Don’t be that paranoid.

      • ronch
      • 6 years ago

      You actually believed the ‘rogue employee’ excuse?

      Didn’t he also say, ‘Rookie move.”, suggesting a lack of contrition?

    • HisDivineOrder
    • 6 years ago

    I agree with the posting here. They’ve opened themselves up to some serious liability concerns when hardware fails from overheating and people begin making the case this is what did it.

    • Grigory
    • 6 years ago

    Only 20 years ago this story would have been science fiction. 🙂

      • Arclight
      • 6 years ago

      And with some exagerations on the earning part, it could have made for a great action movie….with explosions, car chases, foreign countries etc.

    • Krogoth
    • 6 years ago

    Holy spyware/malware batman!

    Sadly, this is just the tip of the “buttcoin” iceberg……

    • ShadowTiger
    • 6 years ago

    I am a little confused. Bitcoins can only be generated in even increments of 50, 25, etc, which slows down over time as the market gets closer to its maximum supply. Currently i think its 25 generated a time, and only 30 bitcoins are accounted for… with at least 20 more to make a total of 50.

    So there must be another bit coin wallet somewhere that has the extra coins, worth another $2,500. Either that or the program was stealing bitcoins instead of generating them.

      • Antimatter
      • 6 years ago

      The software was likely connected to a mining pool where the bitcoins generated are shared amongst the miners.

    • cynan
    • 6 years ago

    A couple of months ago I inadvertently installed software that came with one of these bitcoin trojans. Only noticed it when I rain a 3D graphics benchmark and was getting lower scores than I should have been getting. Luckily it was easily enough removed with the regular malware software..

      • chµck
      • 6 years ago

      name of software?

    • drfish
    • 6 years ago

    How’s the phrase go, “Never attribute to malice that which can be adequately explained by stupidity?” Yeah, that’s where I am on this one. I think they ended up doing the right thing™ and that this isn’t really a big deal.

    • Deanjo
    • 6 years ago

    And there you have one of reasons why digital currency will never be taken seriously by world markets.

      • tipoo
      • 6 years ago

      You could say that of theft and paper currency. I have no strong feelings either way on digital money, but just saying.

        • Deanjo
        • 6 years ago

        Na you can’t, I can tell when someone is trying to make me steal paper money. With digital, it can be done by me without my knowing it is ever happening.

          • way2strong
          • 6 years ago

          No money was stolen in this operation.

          • BobbinThreadbare
          • 6 years ago

          This is more like someone running your car all night to generate electricity for their house.

          Is electricity not taken seriously?

      • peartart
      • 6 years ago

      We’ve had digital currency for a long time. Bitcoin is ridiculous on its own merits.

    • Goty
    • 6 years ago

    No comment on the original story (since I’m sure my opinion simply mimics that of many others), but I do want to say that I like the inclusion of the source banner/link at the top of the story!

      • floodo1
      • 6 years ago

      this

    • tfp
    • 6 years ago

    I’m surprised it took this long to happen. I remember this kind of thing happening with F@H and Seti though no one made any money in those cases.

      • phez
      • 6 years ago

      someone injected bitcoin mining into f@h/seti? when was this?

        • Ryu Connor
        • 6 years ago

        He means situations where the software was installed without authorization.

        Numerous stories of IT employees getting canned and civilly sued under CFAA because of a unilateral choice by an IT Admin to roll out F@H or SETI@Home.

          • tipoo
          • 6 years ago

          I did that on a work computer, only it was only one system and it was a Pentium 4.

          Ah, youth.

    • lilbuddhaman
    • 6 years ago

    Just imagine had they successfully ran this for a year or more….had they only polled people’s cards to run at ~1/3rd their potential they probably would have gotten away with it.

      • Peldor
      • 6 years ago

      Indeed, I’m really surprised the botnets haven’t taken over bitcoin mining. Apparently they are making even more money on their current scams!

        • Ryu Connor
        • 6 years ago

        [url<]http://arstechnica.com/business/2012/03/p2p-botnets-the-bigger-they-come-the-faster-they-fall/[/url<] [url<]http://arstechnica.com/security/2013/04/hide-your-kids-hide-your-btc-bitcoin-stealing-malware-emerges/[/url<] It's out there and becoming a bigger target.

    • ronch
    • 6 years ago

    Yeah, I already saw this at Ars. What can I say? I can’t believe how low this company can get. And no, I don’t believe what they had to say about it. Guess this totally throws their credibility down the drain.

      • albundy
      • 6 years ago

      why cant you believe it? it’s what corporations do. greed empowers and propels.

        • slowriot
        • 6 years ago

        This isn’t even close to a corporation. It’s a handful of people. It’s what people do, see an opportunity to improve things for themselves without considering the longtime consequences. Corporations just make that behavior worse by exponentially increasing the pressure to make number based decisions and remove the decision makers further from those impacted by those decisions.

        • ronch
        • 6 years ago

        Of course that’s what they do. Coca-Cola doesn’t care if you get diabetes as long as they meet their earnings targets. McDonald’s doesn’t care if you get obese or they cause unimaginable suffering to farm animals (i.e. cows and chickens) as long as they can sell tons of burgers. Heck, if it weren’t for competition, Intel would ask you a bajillion for an 8086… and probably charge you every month for actually using it.

        But this… sneakily using your computer and fattening your power bill without you knowing about it so that they can earn BTC? Way below the belt.

        No, we’re not talking about a corporation here. We’re talking about a band of thieves.

Pin It on Pinterest

Share This