The website for Ultimate Fighting Championship (UFC) is the latest victim of the Coin Hive malware that secretly mines for Monero cryptocurrency.
Adding Insult to Injury
There was no notice that the Coin Hive script was being run. Redditor gambledub noted:
Hack or Inside Job?
The interesting question about the Coin Hive malware being on the UFC website is whether it was done by hackers or by the UFC. One would think that the UFC makes enough money through their streaming fees and other endeavors to not risk the ire of their paying customers by inflecting malware on them. The logical assumption is that a hacker did this as Coin Hive has become extremely popular with them. In the last few months alone, more than 200 sites have had the malware quietly installed, either by the site itself or dropped in by hackers.
Yet the UFC has not issued any sort of statement on the Coin Hive script found on their site, even though the offending script has now been removed. If the UFC placed the script, it could be considered potentially illegal and definitely unethical. If a hacker placed it, then it shows that the website is seriously lacking in security, which is not good as people have financial data (credit cards, etc.) stored on the site.
This just continues to show how criminals will use the latest technology to line their pockets. The concept of Coin Hive is actually not a bad thing at all, but just like most things, it can be easily perverted for nefarious gains. If the UFC was hacked, it would be fitting justice to send one of their fighters to have a “talk” with the hacker in question.
Do you think Coin Hive found on the UFC site was placed by a hacker or by the UFC itself? Have you been the victim of this malware? Let us know in the comments below.
Images courtesy of Pxhere, Flickr, and Wikimedia Commons.