UFC Website Found Mining Monero Using Covert Script

The UFC website was recently accused by fans of running a covert Monero mining script without the users’ consent.

The Pirate Bay made headlines earlier this year when they were discovered to have implemented a silent mining scripts which used users’ resources to mine cryptocurrencies for their profit. Since this incident, more and more websites have been looking towards cryptocurrency mining as an alternative means to generate funds as opposed to advertising.

Since then, the administrators of The Pirate Bay admitted that the mining script was purely experimental. However, it did encourage a slew of websites to execute covert mining scripts. While the majority of websites who have taken these measures host mostly questionable content, several reputable sites have also started implementing the mining code.

The latest website to be joining the ranks of those implementing Monero mining scripts is the sports platform Ultimate Fighting Championship’s (UFC) video streaming service, Fight Pass. UFC is a well-known, and popular sports platform with a focus on mixed martial arts.

The video streaming service was quickly ousted by the platform’s fans and followers via social media. In addition to venting their disdain for the move, which did not notify the user, or asks for consent, users also contacted the UFC to state their complaints. What users found particularly troubling was that the mining script was implemented on a service which already required a subscription fee from its users.

According to a particular Reddit user, gambledub, a CoinHive search confirmed that a JavaScript mining code was currently being executed on Fight Pass. The user pointed out that a mining script being implemented on a subscription-based service undermines the inherent structure of the service.

Users who contacted UFC regarding the mining script reported that the company replied to them and emphasized that they take the matter seriously, and will review all complaints as soon as possible. However, a UFC spokesperson recently stated that the company did not find any Coinhive JavaScript code on their Fight Pass service.

According to the statement, the UFC contacted their digital service provider, Neulion to help them review the issue. However, after a thorough investigation, Neulion could not detect any trace of the Coinhive JavaScript mining code.

Users retaliated by sharing screenshots via social media which made it clear that a mining script was active, although for a limited time. Since its discovery, the mining code has been removed, which caused many to speculate that the Fight Pass service must have been hacked. Since UFC already makes enough profit from the subscription service, it seems implausible that the company would have to resort to implanting a relatively unprofitable mining script.

Coinhive has also joined the conversation and confirmed that since the shared screenshots did not include the site key, they were unable to give estimates of how much Monero had been mine at UFC users’ expense. Also, Coinhive stated that considering the circumstances of the event, it is likely that the party responsible for the mining code did not reap any noteworthy profits, and that it was possible that only a small number of users were affected.

Coinhive administrators also added that the firm employs a strict policy when it comes to users looking to exploit compromised sites with mining scripts. In such an event, Coinhive immediately terminates the user’s account. The company stated that they are currently creating a mining script which will notify users and ask for consent before the script is used on their devices.

Follow us on Telegram | Twitter | Facebook

Featured Images are from Shutterstock.

Blokt is a leading independent cryptocurrency news outlet that maintains the highest possible professional and ethical journalistic standards.

LEAVE A REPLY

Please enter your comment!
Please enter your name here