If you live in the Philippines and you play League of Legends you may want to run your go-to antivirus program right away.
A player hopped onto the game’s Reddit community today to showcase their findings of a cryptocurrency mining program called Coinhive that is loaded into Garena’s game client. Other members of the community jumped into the debate to discuss the legality of Garena including a coin miner into the client’s download to essentially use their customer’s machines to mine for currency. But the reality of the situation is that Garena probably didn’t put it there.
Coinhive is a Javacript-based program, according to its own website, which means it’s relatively low-impact. It was probably designed that way in order to not strain target computers while operating, which would make it harder for anyone using those computers to actually notice it was there—perfect for anyone hoping to exploit them.
Since it’s based in Javascript, Coinhive could easily be integrated into any website’s design. The idea is that when someone then visits the website, they’re giving the program access to their own machine. Or, in this case, it happens when they download the Philippines Garena League client.
So rather than Garena trying to exploit their customers’ machines to mine a relatively unsuccessful cryptocurrency (this particular program farms for Monero), it’s more likely that an unsavory party gained access to the client’s back-end and loaded it up themselves to gain access to the client’s massive audience. It’s possible that Garena is, in fact, behind this; it just isn’t likely.
It’s also possible that this isn’t a widespread issue, and maybe this Reddit user simply had the issue beforehand, or maybe only a handful of players were targeted.
If the entirety of the Philippines playerbase has been targeted with this program, though, this is a very big deal, and we’d hope that Garena would take necessary steps to fix it. Neither Garena nor Riot Games have commented on the issue yet.