MGG / Video Games Articles and stories / League of Legends (LoL) /

Is the BlitzGG app using your computer to mine Bitcoin?

Is the BlitzGG app using your computer to mine Bitcoin?

According multiple Reddit threads, the popular TSM-owned BlitzGG app for League of Legends and other titles is the subject of a widespread malware attack that was initially thought to be a Bitcoin mining operation.

Is the BlitzGG app using your computer to mine Bitcoin?

Michael "Veteran" Archer, former head coach for European League of Legends teams Schalke 04 Esports and H2K, has drawn attention to a series of Reddit threads that claim the BlitzGG app is part of a widespread issue that is attempting to install malware on users' systems.

Initially thought to be a background Bitcoin mining operation related specifically to BlitzGG, it now seems to be a more widespread malware attack that aims to trick people into updating Electrum, a popular Bitcoin wallet. 

A popup has appeared through the BlitzGG app, asking users to update Electrum to avoid a 'vulnerability'. 

Image from BlitzGG Discord server - League of Legends
Image from BlitzGG Discord server

According to users in this Reddit thread, the issue affects multiple websites, browsers and operating systems, from Chrome and Safari to iOS. 

The popup can even appear on systems that don't have the Electrum wallet installed, and for people who have never used it.

The message seen is as follows:

Electrum versions older than 4.0.9 have a vulnerability. Please update Electrum to avoid losing funds.

As you can see in the image above, the popup comes from the BlitzGG app.

Update from BlitzGG staff - League of Legends
Update from BlitzGG staff

Veteran updated his thread to offer context from BlitzGG staff, with the original thread in the BlitzGG subreddit deleted. 

A staff member by the name of Marcel has claimed the issue stems from a 'malicious advertisement' added to Google's ad platform, which is served to 'millions of websites'. 

Should you see this notification, do not under any circumstances click 'OK'.  If you do, it attempts to install an executable file containing the malware.

David Duffy
David W. Duffy

Editor in Chief, MGG EN | Repatriated Geordie, former teacher, grammarian. Editor of many things for a decade and a half, most of which you've probably never heard of.