Who placed the JavaScript code on two primetime dot-coms? So far, it's a mystery
The websites of US telly giant CBS's Showtime contained JavaScript that secretly commandeered viewers' web browsers over the weekend to mine cryptocurrency.
The flagship Showtime.com and its instant-access ShowtimeAnytime.com sibling silently pulled in code that caused browsers to blow spare processor time calculating new Monero coins ? a privacy-focused alternative to the ever-popular Bitcoin. The hidden software typically consumed as much as 60 per cent of CPU capacity on computers visiting the sites.
The scripts were written by Code Hive, a legit outfit that provides JavaScript to website owners: webmasters add the code to their pages so that they can earn slivers of cash from each visitor as an alternative to serving adverts to generate revenue. Over time, money mined by the Code-Hive-hosted scripts adds up and is transferred from Coin Hive to the site's administrators. One Monero coin, 1 XMR, is worth about $92 right now.
However, it's extremely unlikely that a large corporation like CBS would smuggle such a piece of mining code onto its dot-coms ? especially since it charges subscribers to watch the hit TV shows online ? suggesting someone hacked the websites' source code to insert the mining JavaScript and make a quick buck.
The JavaScript, which appeared on the sites at the start of the weekend and vanished by Monday, sits between HTML comment tags that appear to be an insert from web analytics biz New Relic. Again, it is unlikely that an analytics company would deliberately stash coin-mining scripts onto its customers' pages, so the code must have come from another source ? or was injected by miscreants who had compromised Showtime's systems.
Here's a screenshot of the code on showtime.com, seen by El Reg before it was removed. The mining script was loaded early on the page, we note.
Continued
https://www.theregister.co.uk/2017/0...mining_script/