Network gaming company uses its “cheat-prevention” client to build a Bitcoin botnet


In one episode of the nerdtastic TV sitcom Big Bang Theory, the socially-challenged Caltech physicist antihero, Dr Sheldon Cooper, has his World of Warcraft account hacked.

A giant shopping-list of Sheldon’s virtual property gets plundered: his wand of untainted power, all his gold, and even Glenn, his beloved battle ostrich.

As Sheldon laments, “Three thousand hours. Three thousand hours clicking on that mouse, collecting weapons and gold. It’s almost as if it was a huge waste of time.”

And that’s the problem with games that you play across the internet: how do you trust the other people in the contest?

Even when there’s no money involved, it spoils the fun if the other guys aren’t on the level.

That’s where on-line communities like ESEA, or E-Sports Entertainment, come into play.

ESEA describes itself on Facebook as “the leading game play based community. With a sweet pick up game mod, a custom anti-cheat client that works, and cool statistics to log all of your activity, ESEA is the place to play!”

To join ESEA’s network, you need to install and use the company’s custom client software.

The client is designed, amongst other things, to maintain a level playing field by detecting cheats, such as players who programmatically automate tasks – rapid, accurate shooting, for instance – that are supposed to be a battle of dexterity between human opponents.

Imagine the stirrings of discontent when players on ESEA’s network started wondering about symptoms such as their GPUs (graphics processing units, the special graphics cards that speed up the display) running at high utilisation.

Overcooking your GPU can be a costly exercise, since it increases electricity consumption and may shorten the life of your hardware.

What was causing the hot and heavy running?

Surreptitious Bitcoin mining, it seems!

One customer took the simple precaution of looking in the ESEA client log file and found this:

Another user got in telephonic contact with a sysadmin at ESEA to discuss what was going on, and received some surprising admissions during the call.

Here’s a partial transcript of the sysadmin’s comments:

It shouldn't be any surprise, but the [anti-cheat] client is capable of doing a lot of things that people don't know about. [...] They think the client does screenshots and that's about it. Truth be probably does more than about 50 different things, because there are more than 50 ways to cheat.

[...] Funnily enough, there was a debate, a conversation, regarding the subject of using the client to mine Bitcoins. That was a joke, but at the same time it was half serious.

The high-performance GPUs that many gamers own are handy for Bitcoining, because the Bitcoin system relies on computing massive numbers of SHA checksums, a task that just happens to be ideally suited to today’s graphics hardware.

The ESEA staffer continues, rather unconvincingly:

It turned out I actually did write code to do it, but it wasn't supposed to be code that was everywhere. [...] I restarted the server and the [configuration] setting got reset and [the mining code] actually got turned on, which was only, like, it wasn't for very long.

We calculated how much we would actually make, if we really wanted to do it. We would make hundreds of thousands of dollars if we actually did it with everybody. But that would be pretty intense.

[Voice of caller] Not to mention kind of illegal.

And that’s the problem with software that you run across the internet: how do you trust the other people in the protocol?

Even if there’s no money involved, it spoils the fun if the other guys aren’t on the level.

ESEA head honcho Torbull has now tried to make a clean breast of it, admitting that the company had toyed with the idea of using its customers as a giant Bitcoin botnet, but decided not to go ahead.

Nevertheless, someone inside the company didn’t listen, and ran a Bitcoin farm on ESEA customers’ computers for the next two weeks.

The outcome fell far short of the hundreds of thousands of dollars predicted above, but was nevertheless a handy sum to accumulate for free: just under $4000’s worth of Bitcurrency.

It’s a funny sort of infringement, because the Bitcoins weren’t actually stolen, and the client software was voluntarily installed by each user, no doubt under terms and conditions that permit fairly arbitrary remote updates and reconfiguration.

Indeed, the Bitcoins didn’t even exist until before the unauthorised mining started.

ESEA has decided to donate the proceeds to charity, to chip in the same amount again itself, and to create a prize pool for customers that will return $3,713.55 back into its customer community.

Peace with honour?

Probably – but it does raise the age old question: who will guard the guards?