ESEA gaming client hijacks GPUs for Bitcoin mining

The co-owner of widely used computer gaming service ESEA has admitted that the company used its client software to mine bitcoins using customers hardware without their knowledge. Some ESEA users say that the unannounced activity overheated their graphics cards, damaging them in the process.

ESEA is a paid subscription service that offers competitive matchmaking, league play and cheat prevention to an advertised 14,000+ membership for about $7 per month. It supports mostly games popular on the competitive scene, including Team Fortress 2, League of Legends and Starcraft 2. ESEAs subscription services are delivered via locally installed client software, which acts as a server browser and social venue, in addition to providing anti-cheat functionality.

[MORE PRIVACY: EFF: Trust Twitter -- but not Apple or Verizon -- to protect your privacy]

ESEA user Unisolz said in a forum thread posted early Wednesday that an examination of the client revealed the presence of OpenCL miner a piece of software that uses graphics processors to perform the strenuous calculations involved in Bitcoin mining.

The revelation prompted widespread condemnation on ESEAs official forums, which had already seen a number of recent posts from users complaining about antivirus warnings and overheating hardware. The discussion quickly spread to other sites, notably Reddit, where user renalucario collected screenshots and other relevant information - including official forum posts from ESEA co-owner Eric Thunberg admitting that bitcoin mining took place.

Thunberg posting under the screen name lpkane said initially that the unannounced inclusion of a bitcoin miner in the ESEA client was considered as an april fools, and that a technical error resulted in it being deployed across the service two days ago, resulting in a total of two bitcoins (about $280) being mined.

For the record, I told [client creator] jag[uar] he shouldnt be lazy and run the miner in a separate process, rookie move, he joked.In a subsequent posting, however, Thunberg admitted that the process had been happening for two weeks, not two days, and that the take had been nearly 30 bitcoins (more than $3,600), rather than just two. He said that the funds would be donated to a tournament prize pool and that all current premium users would get a free month of service.

This is way more shady than I originally thought, and as the person who is ultimately responsible for everything its 100% my fault, Thunberg wrote.

Thunberg declined to comment when contacted by Network World, but ESEA co-owner Craig Levine said that he had no knowledge of any bitcoin mining until the scandal broke.

I am in the process of fully investigating the extent of the actions and how it happened so that we take the appropriate measures to rectify the situation and put the proper safeguards in place to prevent it from reoccurring, he said, adding that a formal response would be forthcoming today.

Levine did confirm that ESEA will be setting up a mechanism to handle user claims of hardware damage.

Email Jon Gold at and follow him on Twitter at @NWWJonGold.

Read more about wide area network in Network World's Wide Area Network section.

Join the CSO newsletter!

Error: Please check your email address.

Tags ApplesecuritysoftwaretwitterWide Area Network

More about AppleEFFStarcraftVerizonVerizon

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Jon Gold

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts