Not even the most popular games are immune to being infected with cryptocurrency mining programs: this is the case of a League of Legends client provided by GArena, an online game platform that offers download services for this game. This shows that any kind of game or software downloaded online can be infected, regardless of its popularity or where it comes from.
League of Legends is one of the most played MOBA games on the internet right now. MOBA (Multiplayer Online Battle Arena) are games in which various heroes battle for superiority in a virtual arena, so to players of this kind of games, performance is of utmost importance. Some users of the game noticed a decrease in performance and discovered that some kind of cryptocurrency miner was working in the back end.
Turns out that all gamers that were running the client offered by GArena were facing these hiccups also. The GArena client had been modified to run a cryptocurrency miner known as Coinhive, an easily embeddable tool that mines a privacy-focused coin called Monero. This miner is the weapon of choice for most cyptojacking attacks because it is simple and lets the attacker hide their identity.
There are no records of how much time this miner was running in the background of the said client, or how much Monero was mined. The company behind the infected client, GArena apologized and quickly released a new client without the Moreno miner embedded.
These kinds of attacks have become pretty common nowadays when even some web pages are trying to substitute their ads and monetize via including these kinds of miners. Even The Pirate Bay, the famous torrent downloading site, has also resorted to this kind of tools to get the most of their visitors; but in their case is not considered cryptojacking, because they inform it to the user right on their homepage.