Showtime Website Found Using Browsers to Mine Cryptocurrency

Last week, we reported that The Pirate Bay secretly hijacked visitors’ computers to mine cryptocurrency. It seems another high-profile site is pulling the same trick. The website for US cable channel Showtime – home of Billions, Homeland, and Twin Peaks: The Return – ran a JavaScript code to mine crypto-coins through visitors’ web browsers, The Register reveals. The offending sites included the channel’s main website and its in-browser streaming platform, Showtime Anytime.

Showtime Website Mining Cryptocurrency

The two Showtime websites used Code Hive mining scripts to harvest the Monero cryptocurrency. However, it seems a third-party inserted the script. Specifically, it appears that web analytics company New Relic inserted the JavaScript. At least, that what the HTML shows.

It’s unlikely, though, that New Relic itself is responsible. So, an employee or a hacker, then? When approached by The Register, Showtime refused to comment. New Relic, though, strenuously denies any involvement.

New Relic Says

Andrew Schmitt, a New Relic PR representative, told The Register:

“We take the security of our browser agent extremely seriously and have multiple controls in place to detect malicious or unauthorized modification of its script at various points along its development and deployment pipeline.

Upon reviewing our products and code, the HTML comments shown in the screenshot that are referencing newrelic were not injected by New Relic’s agents. It appears they were added to the website by its developers.”

The Register also approached Code Hive, which said:

“We can’t give out any specific information about the account owner as per our privacy terms. We don’t know much about these keys or the user they belong to anyway.”

How many more high-profile sites are secretly carrying crypto-mining code?