League of Legends PH Client Facilitated Cryptojacking Due to Modified Code

Popular online games have always been a prone target for criminals and hackers. Although these incidents are usually aimed at collecting users’ in-game items or payment information, a new trend has begun to emerge. Various sources claim the League of Legends PH client was briefly infected by cryptocurrency mining malware last week.

Cryptojacking Is a Very Big Problem

It has become apparent that criminals have grown quite fond of the concept of cryptojacking. Distributing malware to millions of consumers and hijacking their devices to mine cryptocurrencies is a rather profitable business. That’s especially true when the computers are mining Monero, as it is relatively easy to do so and the currency is still relatively valuable despite recent price declines.

It now seems these criminals are turning their attention to the gaming industry. That is not entirely surprising, as there have been attempts to infect game downloads with malicious cryptocurrency malware over the past few years. A large-scale attack has not been documented just yet, although it is only a matter of time until that situation changes. When it does, it will set a very interesting precedent, for many reasons.

According to some Reddit reports, the League of Legends servers may have fallen victim to cryptojacking malware. It seems the malware makes use of the Coinhive mining script, which will not come as a big surprise to most people. This has been the most popular cryptocurrency mining script to date, and it seems that situation will not be changing anytime soon.

For criminals, it would make a lot of sense to target League of Legends players. More specifically, the popular MOBA game has its own native gaming client, and it can be hijacked to mine cryptocurrency on behalf of criminals. Every gaming client uses a lot of CPU power from day one, and thus such activity would not necessarily be uncovered right away.

The Riot Games team, who actively develop and maintain League of Legends, have already taken the necessary steps to address these cryptojacking concerns.  The firm confirmed there had been an unauthorized modification of the League of Legends PH client lobby which allowed for the execution of cryptocurrency mining malware. The code has since been removed, although it took them two days to do so in a proper and secure manner.

For the time being, it remains unclear how much cryptocurrency has been mined through the modified League of Legends client. Rest assured this was just a trial by criminals to see whether or not the approach was viable and successful. With this success clearly noted, it remains to be seen if future attacks will surface. Such incidents may not even be unique to League of Legends clients, as any major game is at risk of cryptojacking.


by JP Buntinx via NullTX