Saif K.
1:20 22nd Nov, 2022

Garena and Its Crypto Scandal: Simplified for Beginners

League of Legends, a very popular game recently was a victim of a malware attack! Here's the full story:

League of Legends (LoL) created by Riot Games in 2009 is a Multiplayer Online Battle Arena (MOBA) computer game.

This game was subjected to “Crytojacking” which affected all the players.

The precise crypto hack that the client was subjected to was through a virus, known as Coinhive, a single line of Javascript code that mines cryptocurrencies (Monero, specifically).

Asia-based platform supplier Garena was established in Singapore in the year 2009. Garena hosts several multiplayer battle arena games like League of Legends, Heroes of Newerth, the online soccer game FIFA Online 3, as well as the shooting titles like Free Fire, Point Blank and Alliance of Valiant Arms, on its gaming servers.

Garena Zelta
Credits to Garena

In May, a report revealed that more than 300 websites had a Coinhive presence, though for some sites like Salon that was a deliberate business model choice as an alternative to ad revenue.

In January, it was found that these cryptojackings were impacting almost 55% of global businesses, with a vast majority embedded in online ads — Cointelegraph called it an "epidemic."

The same happened with a League of Legends client in the Philippines. The client unknowingly had a built-in Bitcoin miner on their Garena client program. It came to light when a Reddit user re-booted the laptop and the anti-virus flagged League of Legends as a risk which was directed towards, the website known for mining Monero.

Within all this hassle, one question arises:

What is Cryptojacking?

Cryptojacking is a threat where crypto jackers take over a computer or mobile device and uses its resources to mine cryptocurrencies.

Cryptojackers are those who take advantage of cryptocurrency mining systems but avoid the prohibitive price. Cryptojacking enables hackers to mine cryptocurrencies without incurring the high overhead costs of purchasing pricey mining equipment or high power bills.

crypto jacking; cryptojacking; stealing; theft
Image Credits: Binance

Monero is a cryptocurrency that is largely mined on home computers and is popular among hackers as it is hard to track.

(Also read: What are Blockchains?)

How does Cryptojacking Work?

One question that pops up after understanding cryptojacking is that how do cryptojackers work? and how do crypto-jackers get into your devices?
Let’s answer those:

Devices are first hacked by cybercriminals who then install a cryptojacking software. The malware keeps operating in the background, and steals from bitcoin wallets or keeps mining for new ones.

The affected users use their gadgets normally, however they can experience delays or decreased performance. Hackers can silently mine cryptocurrency on a victim's device using two main methods:

1- By persuading the target to open a malicious link in an email that launches crypto-mining software on the device.

2- By inserting a JavaScript code into a website or on an online advertisement so that it automatically runs when the victim's browser loads it.

To increase their profit, hackers frequently combine the two techniques. In each method, the victim is unaware while the malware installs the cryptojacking script into the device and lets it run in the background.

Regardless of the technique, the script solves mathematical problems on the computer and transmits the results to a server under the hacker's control.

Crypto Jacking Zelta
Credits: Udacity

Cryptojacking scripts don't harm machines or victims' data. Instead they steal processing power from computers. For victims this may look like an issue of slow computer performance. In a greater scenario, cryptojacking is a problem for businesses since they have to pay actual fees when their systems are compromised frequently.

What Happened with Garena League of Legends?

Players of League of Legends in the Philippines were recently the target of a "cryptojacking" attack as per Garena, the game's local publisher.

In a nutshell, on July 9th, a hacker put a line of computer code to the game's client that secretly mined cryptocurrencies. Garena programmers quickly upgraded the client and deleted the code.

Although it seems like a normal issue, it can really be very harmful for a gaming client. The goal of cryptominers, particularly malevolent ones, is to strain a computer to its maximum capacity in order to produce the greatest processing power—and hence, mine Bitcoin.

These can swiftly push a computer to its breaking point, resulting in wear and tear as well as perhaps scorching of the CPU or overflowing of the power supply.

Unfortunately, this is the second time for Garena that a malware has entered their client, raising concerns about its ability to shield players from attacks of these types in the future.

Tencent, the parent company behind Riot Games, plans to build its own platform internationally, giving Garena a competition and the need to either increase security or perhaps withdraw from the market.


As per a statement by Garena, "a specific piece of javascript code was injected into the League of Legends PH client lobby on July 9 as a result of illicit modification. On vulnerable machines, this malware does blockchain mining operations, using CPU resources on those computers in the process.

Our security engineers conducted a thorough examination and found that the impacted PCs are not affected in any other way except higher CPU consumption.

On July 11, our security engineers deleted this javascript code, ensuring that everyone—including those who had previously been impacted—would not experience this problem going forward."

In adding to this statement, Garena also said, “We give security issues the highest attention and deeply regret this event and the difficulty it has caused you.”

Presently, Garena continues to function with no malware running on its servers hopefully.

Trade Bitcoin and 200+ other coins with 0 fees* on

(Click here to learn about Game Theory in Crypto)

(If you liked this article, check out our other article on Rollbit)


Recommended Blogs