Not cool: Bitcoin mining malware found in ESEA server client
The ESEA server client, commonly used as an anti-cheating measure in games of Counter-Strike, StarCraft 2 and Team Fortress 2, has been discovered to carry malware that uses unsuspecting players’ graphics cards to mine Bitcoins.
Users of the client have reported that their GPUs have overheated and been disabled by the bitcoin mining process.
The exploit was uncovered by user ‘ENJOY ESEA SHEEP’, who noticed unusually high GPU usage on his PC while idle. Upon further investigation, he discovered that his PC had been farming bitcoins for a member of the ESEA community.
ESEA co-founder Eric ‘lpkane’ Thunberg initially credited the exploit to an aborted April Fools’ joke gone wrong.
“Back towards the end of march, as btc was skyrocketing, jaguar and i were talking about how cool it would be if we could use massive amounts of gpus logged into the client to mine,” he explained.
“We went back and forth about it, considered doing something for april fools, didn’t get it done in time, and eventually elected to put some test code in the client and try it on a few admin accounts, ours included.
“We ran the test for a few days on our accounts, decided it wasn’t worth the potential drama, and pulled the plug, or so we thought.”
Thunberg suspected that a server restart had triggered a change in the ESEA client’s settings, which had in turn accidentally enabled the exploit for all idle users. Mystery apparently solved. However, less than two hours of vehement community reaction later he discovered that the incident had been “way more shady than I originally thought”.
“Definitely not something that has only been happening the past 48 hours,” reported ESEA user brasky. “My GPU has been ‘oddly’ running at high loads for at least 2 weeks and I’ve seen others who can confirm this or at worst have already had damage to their cards.”
It transpired a mining process had been running alongside the ESEA client since April 14. It had in total mined $3,602.21 worth of bitcoins for an unknown third party via users’ GPUs.
An update in the early hours of this morning removed any trace of the process from the ESEA client. An apologetic Thunberg, meanwhile, has pledged a free month of premium ESEA membership to current premium members, and destined any cash inadvertently made via the mining for the prize pool of ESEA’s upcoming European tournament season – “so at the very least your melted gpus contributed to a good cause”.
“Once again, our bad,” concluded Thunberg. “Thanks for keeping us honest.” As of yet, there’s no talk of compensation for those customers who’ve suffered from failing PCs.
Bitcoin miners are the workers that keep the peer-to-peer online economy afloat. They solve mathematical problems to acquire more coins, and are required as a third-party to approve bitcoin transactions. The more miners there are at any one time, the harder the problems become to solve.
Miners have often used their processors, GPUs or specially-designed hardware to solve their algorithms, entirely legitimately – but the system-intensive nature of these solutions means some hire contractors, and an unscrupulous few have incentive to farm these calculations out to unwary users via malware.