Crafty Mining: Esports League’s Secret Bitcoin Slaves

a bit of a coin, yesterday

Much like Bobby Kotick’s Flickr account, this is simultaneously sinister and hilarious. Esports league ESEA, also creator of an anti-cheating tool for assorted online games such as CSGO and Team Fortress 2, has been caught in a spot of apparent cheating itself. Specifically, by secretly having its users’ PCs mine for Bitcoins while it runs. (And if you don’t understand what that means, you really need to read yourself some more internet, kiddo). Wuh-oh. The people behind it, however, tried to explain it as an April Fool’s stunt gone wrong. Then, after undaunted internet detectives kept on digging, later admitted that wasn’t the case.

Most of this happened on ESEA forums and has already been collated on Reddit, and I primarily re-summarise here just to try and understand the whole damn business myself. ESEA is a popular esports league which also provides an anti-cheating tool for the e-sports community, but this week it found itself fighting to still be considered on the side of the angels. In the wake of a whole bunch of speculation about what was going on with the client, one ESEA user, unisolv, established that his – and other players’ – GPUs were frantically crunching data to mine BitCoins when the ESEA client was running. It’s a little bit like Folding@home, but a) without the user’s knowledge and b) to earn phantom yet somehow valuable money rather than find aliens or cure cancer.

This didn’t cost anyone any money, but it did put their graphics cards under unhappy strain by having them run at essentially full pelt at times when they should have been idle. Which can be pretty bad news for the components in question, not to mention their owners’ electrity bills. Also, this clandestine program continually earned money for someone else without users’ knowledge. That is very much Not A Good Thing. Unless you are that Someone Else, of course. The ESEA did eventually ‘fess up to the inclusion of this malware (for lack of a better term), but offered the remarkable claim it was nothing more than a prank gone wrong.

Wrote ESEA’s ‘lpkane’, in a message which perhaps unwisely starts with ‘lol’:

Back towards the end of march, as btc was skyrocketing, jaguar and i were talking about how cool it would be if we could use massive amounts of gpus logged into the client to mine. We went back and forth about it, considered doing something for april fools, didn’t get it done in time, and eventually elected to put some test code in the client and try it on a few admin accounts, ours included. We ran the test for a few days on our accounts, decided it wasn’t worth the potential drama, and pulled the plug, or so we thought.

Fast forward to 48 hours ago, a fuck up in the client server results in a restart which results in a setting getting changed which enables it for all idle users, and here we are.”

Initially, he claimed the thing only ran for 48 hours, earning 2 btc, worth around $280. He later returned with a slightly less flippant second response, acknowledging that the mining had in fact been running for two weeks, earning just shy of 30 btc – or $3,602.21. Not exactly infinite riches, but still dodgy as all hell. What next, then?

“So first the bad news, this is way more shady than I originally thought, and as the person who is ultimately responsible for everything it’s 100% my fault.” By way of recompense and “in a blatant attempt to buy back your love (and less likely your trust)” they’ve decided that all the btc earnings will go into the prize pot for Season 14 of the ESEA esports league, and “every user who was premium this month will get a free one month premium code which they can use whenever and for whomever they like.”

You could argue that putting the earnings into the prizepot isn’t really to the benefit of the people who earned it, of course. And, in fact, is further to the benefit of ESEA. Many thought that, so the spotlight was yet to turn away from ESEA.

A Reddit thread (natch) has been monitoring the ongoing story, and collates discrepancies (including earlier references to Bitcoin mining, rapid locking of threads which mentioned it and suggestion that some of the mined Bitcoins remain unaccounted for) in ESEA’s initial claims. Particularly curious is this recording of a conversation with an alleged ESEA admin in which the Bitcoin stuff gets mentioned, requests are made to not make the discussion public and there’s a general attitude that the whole thing’s just a bit of a lark.

And so, in the wake of ongoing criticism, the story changed again last night, when ESEA owner Craig ‘Torball’ Levine issued a rather more formal statement than lpkane’s somewhat louche declarations. Rather than the initial April Fool’s defence, ESEA now claim that they had been internally experimenting with Bitcoin mining as a possible new (hopefully optional, from the user’s point of view) feature for their software, but “an employee who was involved in the test has been using the test code for his own personal gain since April 13, 2013. What transpired the past two weeks is a case of an employee acting on his own and without authorization to access our community through our company’s resources.” Apologies are issued, unhappiness about the damage to ESEA’s reputation is made clear, that sort of thing. Is this illicit individual someone we’ve heard from already, or someone else entirely? Do they still have their job?

Curiouser and curiouser. As for what’s been doing about it now, “In an effort to maintain complete transparency, we have released all of the Bitcoin wallet addresses as well as data dumps of the wallets themselves. The value of the mined Bitcoins was $3,713.50 and ESEA will be donating 100% of the $3,713.55 to the American Cancer Society. ESEA will also match 100% of this amount for a total of $7,427.10 donated. ESEA is also increasing the Season 14 League prize pot by $3,713.50.”

You’ll notice that the quantity of ill-gotten BitCoins has once again gone up there, though the upside of that is more money for charity. That, for now, is that, but I won’t be surprised if there are further developments. This is an exceedingly strange affair, as so many things related to this exceedingly strange new currency tend to be.

What a palaver! Instead of all this farting around with graphics cards, they should have just done what Australia did and made the biggest coin in the world.


Well done, Australia.


  1. Core says:

    What they did must be illegal. But nowhere does it say that the police is investigating this, or that anyone has been arrested.

    • Chalky says:

      I’m not sure if it would be illegal. I’m trying to think what law they could have broken – I believe such software would not come under the definition of malware since it was not intended to cause any harm. The software was installed with consent, so the issue is that they didn’t describe everything the software did but I don’t believe there’s any law that someone has to describe all functions of their software as long as those functions are not malicious.

      • Crimsoneer says:

        In the UK, you could probably arrest them for abstracting electricity. Also, Fraud by Misrepresentation. You’d have to prove malicious intent, but that can’t be too hard.

      • moocow says:

        In the US, Federal authorities have been very liberal in interpreting the Computer Fraud and Abuse Act which has a clause about going beyond “authorised access”. It seems pretty likely that making a software client that uses resources maliciously without consent would fall under this, considering some of the other minor violations that have been prosecuted .

        • Chalky says:

          I totally understand that putting malicious features in your software is illegal, but I don’t see how this is malicious.

          • mrmalodor says:

            You don’t see how using people’s resources without their consent is malicious? You don’t see how causing people’s hardware to overheat and break down is malicious?

          • Chalky says:

            Since malice is intent to do harm, no, I don’t. Using idle CPU cycles is not harm and if your accusation of “overheat and breakdown” is even true, it certainly wasn’t intended.

          • Harlander says:

            So you’d be fine with me driving your car around as long as you didn’t find out and I brought it back unharmed?

          • lordcooper says:

            Well, not quite unharmed. There’d be a little wear and tear, but you’d hardly notice, honest!

          • Reapy says:

            It is nefarious because one of the few ways to make money now mining bit coins is to not pay for electricity. It is well figured out that self mining bit coins is a losing proposition if you are paying for the machines and/or electricity to run them. Piggy backing that on unknowing parties and reaping the profits of that is pretty heinous.

          • Underwhelmed says:

            By this argument all Malware has “good intentions” I mean the nice people are only trying to help by adding functionality to your computer! Also, last time i checked “good intentions” is not a legal get out of jail free card.

          • Brun says:

            It’s malicious for two reasons:

            1) It puts undue strain on the systems of those affected.
            2) It increases the electricity bills of those affected.

            The first item can lead to expensive hardware failures, the second just costs people money period. It’s reminiscent of cellular bill cramming, if you’ve heard of it.

        • Shuck says:

          The Computer Fraud and Abuse Act has been liberally interpreted only to benefit those who write the EULAs, so I don’t see it being applied here (in fact, it helps the corporation involved).
          This is a tricky one, as from a user perspective, the only thing that differentiates this from, say, poorly optimized software (that’s putting a strain on hardware and wasting cycles and electricity) is that it’s benefiting the software creators financially. Which, an argument could be made, is also true of (legal) data collection, or software that serves up ads (or even DRM, at a stretch). Which is a bit disturbing, as this shouldn’t be allowed.

      • solidsquid says:

        While the software was installed by the user intentionally, they weren’t made aware that the software would also mine bitcoins and send the results back to ESEA. Since they weren’t warned about this and didn’t agree to it, it’s possible it comes under unauthorised use of someone’s computer

        • Chalky says:

          It’s not uncommon for software to have undocumented features – take hidden DRM systems for example. There are often undocumented mechanisms in place to attempt to prevent piracy that the user is never informed about before installing. Is this illegal? The software is doing something the user was not informed about and often that they user does not want it to do.

          The reason people are upset about this particular issue is that the feature had no legitimate purpose – but my point is that I’m not sure the law is nuanced enough to distinguish between an undocumented feature that the user doesn’t want being “legitimate” or not.

          Malicious intent is the general benchmark as far as I’m aware, and I’m not sure this qualifies.

          • mrmalodor says:

            The intent was to mine bitcoins. They’ve already admitted that.

          • Ovno says:

            Writing software that uses another users resources without permission or even their knowledge for financial gain, sounds malicious to me….

            Would be the equivalent of a chat program or screen saver or whatever these malware infested programs my relatives keep installing are mining bit coins and sending them to the software’s authors would it not…?

            Or a bot net being used for anything really…

            After all I did it by accident is not a defense in court!

            And neither is we didn’t know…

          • Chalky says:

            Malice is the intent to harm. Both intent and harm are required, so saying you didn’t mean to is a valid defence against it – because the accusation is specifically that you did mean to.

            Can simply the use of unused computer resources be described as harm? I don’t see how. What is harmed, and in what way?

            The comment about unauthorised use of an electricity supply is probably the best argument I’ve seen – since presumably this does not require malicious intent, simply using someone’s electricity without their permission for any reason is illegal.

          • Reapy says:

            By that logic bot nets that perfrom ddos attacks and/or spam remailers are fine, simply utilizing your free cpu cycles!

          • mrmalodor says:

            Both intent and harm are present here. They admitted that the code was placed and activated intentionally. People’s resources were used without their permission, hardware was damaged.

          • Chalky says:

            By that logic bot nets that perfrom ddos attacks and/or spam remailers are fine, simply utilizing your free cpu cycles!

            The reason these things are illegal is because they intentionally cause harm, not because they use cpu cycles……. how can you possibly not realise that?

            hardware was damaged.

            Even if this was true, the damage was not intentional. You don’t understand what “intentionally causing harm” means and I don’t know how to explain it to you since these are just simple basic english words.

            If I intentionally blow my nose and accidentally elbow you in the face, I am not guilty of a malicious attack against you. Even though I intended to blow my nose and even though the unintended result was harm to you.

            Ever heard of the phrase “Never attribute malice to things that could be explained by stupidity”? If you did, I guess it must have been really confusing for you.

          • Brun says:

            because the accusation is specifically that you did mean to

            The fact that it was done for financial gain casts a lot of doubt on the “unintentional” defense. Did they not notice the money flowing into their accounts? They could have stopped once they realized what was going on – but they didn’t, they waited until someone from the community called them out on it.

            Imagine a bank robber that knocks over a bank but then when he gets caught by the cops he hands the money back and says “Woops! Thought it was the safe in my house.” You really think the cops would just shrug, say “Oh he’s just stupid, he’s not malicious,” and then let him go?

          • arccos says:

            “The reason these things are illegal is because they intentionally cause harm, not because they use cpu cycles……. how can you possibly not realise that?”

            That’s not true, actually. If a virus or botnet controlling your computer sent nice emails to all of your fiends and family, it would still be illegal. Taking control of a computer without permission is illegal for any purpose. Intent and result can influence the sentence, though.

            It will probably come down to whether a court determines installing the software gives implicit permission to use the computer for unstated purposes. The EULA probably covered that, so if they do get sued we’ll see if that portion of a EULA stands up in court.

          • Naum says:


            1. Activities performed by a software that aren’t immediately obvious given the programme’s purpose should usually be mentioned in the TOS/EULA (that nobody reads), especially if they may be harmful, shouldn’t they? I’m pretty sure any company which doesn’t have a burning desire to defend a precedence case in court would make sure to mention their hidden DRM schemes somewhere, especially if data is being transmitted over a computer network.

            2. At least in the German legal system, one does not need to have an explicit desire to harm someone in order to get punished. If one knows that harm is being done to another person as a direct result of one’s actions, and one willingly accepts that fact in order to gain an unlawful advantage, this is usually sufficient.
            (Otherwise it would, for example, be rather difficult to prosecute thieves, since they usually don’t explicitly want to deprive their victim of money, but rather get the money for themselves, and the deprivation is merely a necessary means to that end. As such, doing harm is not their final goal, but still a step they consciously take.)

      • paddymaxson says:

        In the UK it’s illegal to access a computer without permission for any action, even just to have a look. Even though the end users gave permission for one purpose, the secondary hidden purpose was something they did not expressly permit therefore it would be access without permission.

    • mrmalodor says:

      It’s called computer fraud and it’s definitely illegal. The fact that they’re not contacting the police speaks volumes. I hope some users have enough patience to do it for them.

    • BarneyL says:

      That’s nothing Rupert, my sister makes $1,546 a day mining bit coins in her spare time. My brother paid off his $123,456 mortgage in 7 months with is own personal bot net. I have now placed a deposit on a brand new Reliant Robin and hope to pay the remainder by christmas. You too can sign up at this web site

    • kwyjibo says:

      They’ve probably got an end-user agreement which has them covered. That’s not to say the agreement is valid, but it just means they have more ammunition in court.

      It’s fucking disgraceful what they’ve done though. It was essentially a bot net. And having your GPU running at full whack clearly will cost you money.

    • sirflimflam says:

      It’s not illegal. It’s dodgy as hell, sure, but it’s not actually illegal. A program doesn’t need to tell you every little detail about what it’s doing on your machine after you’ve willingly installed it.

  2. Arglebargle says:

    At least with a Tulip Bubble you get a pretty flower….

    • Persus-9 says:

      That was my thought exactly. You also get more tulips by engaging in the really rather nice relaxing activity of gardening rather than wasting electricity on utterly pointless calculations. If Bitcoin is the alternative then we should bring back the tulip standard.

      • LionsPhil says:

        Bruce Schneier linked a rather entertaining critique-rant on BitCoins last month.

        Of all the things to waste processor cycles on…

        • drewski says:

          He’s making a few pretty dubious assumptions about whether or not bitcoins are an asset there, to be honest. The idea that the sovereign has any particular responsibility in regards to their own currency should have been well and truly put to bed by now, too.

          Bitcoins have value because people agree they have value, the same as with any other currency or money.

          • Malibu Stacey says:

            Bitcoins have value because people agree they have value, the same as with any other currency or money.

            Nope. Bitcoins have value because people can exchange them for other currencies and/or goods & services (in lieu of actual currency).
            Same as anything else in the world, it’s only worth what someone will pay for it but with something as nebulous as this it can be worth a lot more or a lot less in a very short period of time which most people have very little control over.
            link to

          • drewski says:

            People wouldn’t agree to receive Bitcoin in exchange for goods and services if they didn’t think they had value. We’re both making the same point, just wording it differently. No money has inherent value – it’s value comes from how it is perceived and others’ willingness to use it as a medium of exchange.

    • Calabi says:

      Yeah but you didnt because most speculated only on the possibility of tulips.

  3. gschmidl says:

    So they’re keeping the bitcoins and hoping their price goes up and they can make that donation back, presumably?

  4. baby snot says:

    We minted what now? You’ve got to be fucking kidding. Fucking hell Australia.

    • corinoco says:

      Yeah, nice to see that mining wealth going into tat for the obscenely wealthy. Given that gold is a fairly vital non-renewable resource this seems a bit gauche. Oh, sorry, gauche is so IN around Austafailia these days.

      After all that effort I think you’ll also find the Palauans STILL hold the record for their 7-ton stone coins, and of course there is the Ningi and Trigantic Pu.

      NBN? Nah, that’s for smartarses! High speed rail link between cities? Nah, mate, that’d put all those truckies out of a job! Worlds heaviest gold coin weighing one ton? BEAUDY MATE THAT’S BONZA, CRACK ME A TUBE!

      • strangeloup says:

        The coin’s actually made of Australium.

      • drewski says:

        I have no idea what you’re getting angry about here. It was a marketing stunt. If they need the gold for any reason in the future, they can just melt it down.

  5. mrmalodor says:

    Oops, I stumbled and fell on my keyboard which accidentally wrote a malicious piece of code that mines bitcoins and sends them to my wallet.

    Oops, actually I was trying to make an April fool’s joke.

    Oops, I was really just trying to test a cool new feature for you guys.

    Oops, it was a rogue employee, I’m innocent. That’s totally the truth. You guys believe me, right?

    In all seriousness, I think this goes far deeper and the amount of money mined is a lot bigger than they’re admitting. This operation has probably been going on for a long time and may have been authorized by the owner. The only accident here is the fact that someone set the GPU usage to 100%. Otherwise nobody would have ever noticed. Tens of thousands of PCs using just 10% of their GPUs would earn a shitload of cash in a few years without anyone noticing. In fact, I wouldn’t be surprised if this is how the ESEA’s existence was funded.

    • MiniMatt says:

      10,000 PCs using an extra 50 watts electricity for ten hours per week for a year would be 260 megawatt-hours of electricity. Bog standard coal power plants are typically quoted as causing about a kilo of CO2 per mwatt/hour. So that’s about a quarter ton of extra CO2 floating around.

      When your grandkids ask what happened to the polar bears, point to a polished Counter Strike trophy and tell them the ESEA killed them :o)

      • lordcooper says:

        Or just plain gaming for that matter. I’m fairly sure my PC uses more than 50 watts.

    • Hmm-Hmm. says:

      Yeah, I don’t know what has been going on, but I wouldn’t be surprised if this thing is a bit bigger than it appears.

  6. IgnitingIcarus says:

    Pando Media Booster does suspicious stuff! I’m not crazy! I think they’re mining bitcoins off of the program! Don’t shun me, society!

    *edit* I’m honestly not kidding, Pando Media Booster runs my GPU full speed ahead and for what reason? Why would it need to run my GPU? and tons of companies use it. Bit coins I say, BIT COINS!!!

  7. Simon Hawthorne says:

    The pockets in Australian shorts must be HUGE.

    • Bhazor says:

      You should see the size of the condom you get for that.

      • Spacewalk says:

        When someone mentioned Trojans to them they probably thought that they were talking about the horse.

    • corinoco says:

      Some wise guy will try to ask some poor cabbie for change with this, then claim he tried to pay with legal tender. I’ve heard of it done with our $200 coins, but not for a while – these days a cab fare from the airport to the mid-suburbs is a hilarious $130 after tolls.

      Yes, Austfailia is the most expensive country on the planet. All that mining wealth is doing great things eh? To about 8 people…


      This message brought to you by the Austfailian Anti-Tourism board – protecting innocent travellers since two minutes ago.

      • drewski says:

        Given the coin has a face value of $1 million, and the metal in it is worth well over $50m, I think any cabbie getting offered it would very happily scrounge up the $999,980 or so in change it’d take.

        Although it might mean a side trip to the London Metals Exchange. But hey, for $49m, I’d fly to London any day.

  8. Tinarg says:

    What if Steam would do this?
    I think most users would grumpily accept it, in fear of losing their gaming catalogue.

    • mrmalodor says:

      I would stop using it and turn to piracy or another distributor.

    • MiniMatt says:

      Can’t speak for most, but personally I would stop in an instant and have no qualms about obtaining pirate copies of my paid for steam catalogue and using another distributor for future purchases.

    • lordcooper says:

      It could actually be cool as an optional feature if individual contributions are tracked and rewarded with discounts.

      • Shuck says:

        The cost of the electricity used would far exceed the value of the discounts, so definitely not cool.

  9. Ansob says:

    You’ll notice that the quantity of ill-gotten BitCoins has once again gone up there

    Quantity != value. Since the price of 1BTC is about as stable as a house made of papier mâché in a hurricane, their BTC portfolio probably just gained a bit of value. Unless I’m wrong and they quoted a BTC amount alongside that USD value?

    • Donjo says:

      You think they’re tracking BTC/USD value fluctuation against amounts of data mined when shit has already hit the fan and is now caked *all* over the walls?

      They’re probably hoping people won’t mind incremental increases before another “revelation”.

      • frymaster says:

        It’s rather more likely that represents a couple of more bitcoins that clients which hadn’t been turned off mined between then and now.

        In my opinion:

        – There’s no way ESEA as an entity was aware of this
        – There’s very little chance whatever individual did this did it accidently either, as whoever did this has to have noticed the money rolling in (cue Antonio Banderas musical number)
        – Deliberate intent is almost irrelevant here. It’s certainly more deliberate than Google’s harvesting of network packets from open wifi networks, and Google was justifiably crucified for that. It’s a very clear breach of the “unauthorised access” clause in most country’s cyber security laws.

        • Jediben says:

          Can’t understand how they know which bitcoin wallets they were paid into if they weren’t involved….

  10. cpy says:

    I would be pissed also i would find out pretty quickly, since CS GO does not load my GPU much that it would make serious noise, so if it did i would investigate :)
    Yay my new avatar is in!

  11. Jenks says:

    Hopefully they refund everyone the $1 increase in their electricity bill this month.

  12. Richeh says:

    So, yeah, really shady. But am I alone in thinking that this has the makings of a really good idea? Run a tournament, everyone playing or spectating has to run a client with the BTC miner, winner takes the pot. Maybe the tournament operators take a cut if it’s big enough to cut out the need for advertising or sponsorship.

    • mickygor says:

      Would impact the gaming too much

      • TechnicalBen says:

        Not for the “viewers”. :P
        Forget adverts… we can get Youtubers/facebookers to grow tulips in the garden… I mean Bitcoins. That will have no negative effects to the tulip… I mean bitcoin market.

  13. psepho says:

    Isn’t this exactly the same as co-opting someone’s PC for use in a botnet? Substitute ‘mining bitcoins’ for ‘sending spam’ or ‘brute-forcing passwords’ and your are basically there.

  14. marketoo says:

    Meanwhile, if you are in the UK, the only way to buy Bitcoins is using e-bay or other expensive intermediaries. Check this blog with alternatives routes weekly updated:

  15. Elos says:

    Has anyone said buttcoins yet?

    link to