Unfortunately, some individuals are still trying to give the crypto world a bad name by exploiting individuals to mine cryptos secretly. In July, we revealed that The Pirate Bay was up to its old tricks and had implemented a new secret crypto mining script into its website, meaning while users browsed the site they were also secretly giving up CPU power to mine cryptos. While this is something we expect from a website like The Pirate Bay, we didn’t expect to see this from a game on the Steam Store. We know blockchain will change the gaming industry, but we didn’t mean quite like this. A popular indie game called “Abstractism” was hijacking players CPU power to mine cryptos – most likely Monero – and has now been pulled from the Steam store.
Enticing Gamers to Keep the Game Open Longer
In order for a crypto miner to work – and be as profitable as possible – it needs to remain online 24/7. To this extent, the game rewards players with loot drops every few hours. This time period doubles every time it is reached until the player is receiving a maximum of 7 items per week. Players were then encouraged to ensure they had the game running on Fridays where they would reset the loot drop timer. Players were also promised items with a higher level of rarity if they never closed the game.
This loot drop timing schedule supports users claims the game is a secret crypto miner. For the dead.team and Okalo Union – the game’s developers – to collect the completed hashes and give out new ones, they need to have the users online at a specific time – the Friday “loot drop timer reset” event could provide the perfect cover for this. In addition to this, encouraging players to keep the game open 24/7 also meant the mining scripts would be able to mine far more of the crypto than if they were on intermittently.
Not Just Cryptojacking in Abstractism
Unfortunately, cryptojacking wasn’t the only wrongdoing in Abstractism. One player had bought an item from the Steam store, and in fact it turned out to be a worthless item from the Abstractism game. When the user complained, the developers changed the item’s image and name to try and cover up the alleged scam. The player was duped out of a $100 Team Fortress 2 Golden Rocket Launcher, and instead received a rip-off Abstractism version. In addition to this, some of the game’s files were being flagged as viruses when scanned by anti-virus applications – further adding fuel to the fire that Abstractism is a secret crypto miner.
Secret Crypto Mining Isn’t New
The concept of secret crypto mining via scripts isn’t new and has been around for a number of years. Sites have been implementing the controversial scripts to help bolster profits, especially as the prevalence of ad blockers is rising. Sites such as Salon.com offer users the ability to see no ads in return for donating a little CPU power to mine cryptos – something we believe could be the future of free content websites revenue structure. In China, over $2 million in various cryptos had been secretly mined in an elaborate hack that spanned a two year period and involved nearly 1 million computers.
Okalo Union and dead.team Deny the Claims
In a game update on the 23rd July, the developers denied that the two resource-intensive scripts were to connect the game to Steam’s services and to grant items to players’ inventories. This is an unsurprising move, as they probably removed the crypto mining scripts during this update to cover their tracks as much as possible – or at least toned down the throttle value.
People don’t expect games from reputable marketplaces such as Steam to have these secret crypto mining scripts in them, and for a paid game it is quite outrageous. Yet, as the price of cryptos continues to climb – and the general acceptance of them continues to increase – we are likely to see more games published with secret mining scripts in them.
Tougher regulations and testing before publishing needs to be done by the stores – such as Steam – to protect their users from malicious developers with bad intentions.
