CBS Websites Found to Have Monero Mining Code

Last updated: Mar 30, 2023
3 Min Read
AI Generated Summary

We have previously covered the attempts by some websites such as the Pirate bay to use the processing power on a user's browser to mine Monero. The websites will use self-executing JavaScript code that will mine the Monero while the user is reading the site.

It has now been discovered that two websites of CBS networks have the same code embedded. This is indeed an interesting discovery as it leads people to wonder how such code could have been embedded on their sites. Although each browser is unlikely to mine a lot of Monero by itself, when there are thousands of users viewing a page then a large return is indeed likely.

The Showtime Monero Mystery

Although most commercial websites are trying to find ways to maximise the returns from their users, it is unlikely that such a reputable company like CBS would allow such scripts on their Showtime page. Slowing down a user's computer and impeding their browsing experience is sure to cannibalise their other revenue. Also, ShowTime is a paid service so it would be nonsensical for CBS to hamper paid user's experience.

This was the same coinhive JavaScript code that has been found on these other websites and is quickly becoming a large scale target for free browsing advocates. Given that it is unlikely that CBS would damage and it raises the question as to whether this code was embedded by a malicious actor.

That hackers would try and make use of other's computing power to mine coins is not a foreign concept. We have previously seen how Russian hackers had installed Malware on PCs that quietly mined Monero in the backend.

Choosing Showtime as the target of the code is not unsurprising. These websites generate massive amounts of traffic with users who usually stay on a page for a considerable period of time. This is no doubt the perfect type of website to implant a mining script that can run in the background.

Potential Vulnerabilities

How the hackers managed to compromise the CBS website and plant the code is not fully known. There is the possibility that it was inserted using HTML tags of the web analytics provider New Relic. This does not suggest that New Relic was in anyway complicit but it shows that when third party software is involved, potential vectors for attack increase substantially.

Nevertheless, hackers managed to find a vulnerability and exploited it to the expense of CBS. They should therefore try to pinpoint the exact vulnerability and patch it before any attempts at far more damaging data breaches.

Featured Image via Fotolia

Editorial Team

The Coin Bureau Editorial Team are your dedicated guides through the dynamic world of cryptocurrency. With a passion for educating the masses on blockchain technology and a commitment to unbiased, shill-free content, we unravel the complexities of the industry through in-depth research. We aim to empower the crypto community with the knowledge needed to navigate the crypto landscape successfully and safely, equipping our community with the knowledge and understanding they need to navigate this new digital frontier. 

Disclaimer: These are the writer’s opinions and should not be considered investment advice. Readers should do their own research.

Previous article
Charlie Lee Comes out Publically against SegWit2x
next article
Are we Heading to yet Another Version of Bitcoin?