Global Navigation
Office of The Attorney General
The State of New Jersey Office of The Attorney General (Dept. of Law & Public Safety) The State of New Jersey NJ Home Services A to Z Departments/Agencies OAG Frequently Asked Questions
Services A to Z Departments/Agencies OAG Frequently Asked Questions
OAG Home
OAG Contact
spacer
Back to News Releases
OAG Home Attorney General's Biography
Attorney General's Biography
spacer spacer spacer
   
 
spacer spacer spacer
spacer spacer spacer
For Immediate Release: For Further Information:
November 19, 2013

Office of The Attorney General
- John J. Hoffman, Acting Attorney General
Division of Law
- Christopher S. Porrino, Director
Division of Consumer Affairs
- Eric T. Kanefsky, Director
Media Inquiries-
Lee Moore
609-292-4791


Citizen Inquiries-

609-984-5828
spacer
spacer spacer spacer
spacer
Acting Attorney General Announces $1 Million Settlement Resolving Consumer Fraud, Unlawful Access Claims Against Online Gaming Company
Software Code Spied on Users’ Computers, Mined for Bitcoin Currency
spacer
spacer spacer spacer
spacer
spacer
spacer spacer spacer
spacer
TRENTON – Acting Attorney General John J. Hoffman, the Division of Law and the Division of Consumer Affairs announced today that on-line video gaming company E-Sports Entertainment, LLC, has entered into a $1 million settlement that resolves allegations it infected thousands of personal computers with malicious software code enabling E-Sports to monitor what programs subscribers were running and illegally mine for bitcoins.

In a formal complaint filed today along with two consent judgments outlining the settlement, the State alleges that E-Sports created and deployed malicious software code that infected the computers of thousands of customers who subscribed to its anti-cheat services for popular on-line video games.

According to the complaint, the malicious code enabled E-Sports to monitor users’ computers even when they were not signed onto or using E-Sports services. E-Sports also created a botnet – a network of computers running malicious software -- using its customers’ computers. The botnet used the computing resources of users’ computers to mine for bitcoins, a virtual form of currency. It is estimated that, during a single two-week period, E-Sports took control of approximately 14,000 computers in New Jersey and across the nation, and generated approximately $3,500 by mining for bitcoins.

“This is an important settlement for New Jersey consumers,” said Acting Attorney General Hoffman. “These defendants illegally hijacked thousands of people’s personal computers without their knowledge or consent, and in doing so gained the ability to monitor their activities, mine for virtual currency that had real dollar value, and otherwise invade and damage their computers.

“This case should serve as a message that we are committed to protecting New Jersey consumers, and that we will hold accountable anyone who seeks to exploit them through misleading claims, deceptive practices or the invasion of their computer privacy,” Hoffman said.

As part of its settlement with the State, E-Sports has agreed to refrain from deploying software code that downloads to consumers’ computers without their knowledge and authorization. The company also must submit itself to a 10-year compliance program and create a dedicated page on its Web site that specifies what type of data it collects, the manner in which the data is collected, and how the information is used.

E-Sports must pay the State $325,000 of its $1 million settlement obligation. The remainder is suspended and will be vacated within 10 years, provided the company adheres to all settlement terms and avoids future violations of the law.

”Consumers who subscribed to E-Sports' video game anti-cheat services paid for protection from cheaters – not to be cheated by the very services they’d purchased,” said Division of Law Director Christopher S. Porrino. “Companies that collect consumer information and access users' computers have a duty to ensure that protocols and procedures are in place to protect the information they collect. Moreover, no company should obtain more access or information than is necessary to engage in the legitimate operation of its business.”

“Following our $1 million settlement with PulsePoint earlier this year, today's settlement serves as another victory for consumer privacy for New Jersey consumers and consumers across the country," said Division of Consumer Affairs Director Eric T. Kanefsky. "Whether through the circumvention of browser settings, unlawfully mining for bitcoins or by failing to adequately protect customers’ personal data from breaches, our office will hold accountable those companies and individuals that violate consumers’ expectations of privacy.”

E-Sports co-founder Eric Thunberg and E-Sports software engineer Sean Hunczak are each parties to the settlement being announced today.

E-Sports was established in 2006 and is based in Commack, NY. E-Sports charges subscribers $6.95 per month to play E-Sports-supported games against other E-Sports subscribers on the company’s hosted, anti-cheat game servers. To play on E-Sports-hosted game servers, subscribers must download and install E-Sports software onto their computers. Once installed, the software enables E-Sports full administrative access to subscribers’ computers.

The State’s complaint alleges that, via its software, E-Sports downloaded malicious software code onto subscribers’ computers that enabled E-Sports to monitor what programs were run by subscribers, even when those subscribers were not using E-Sports services and the E-Sports software was not turned on.

The complaint also alleges that Thunberg and Hunczak developed the malicious bitcoin-mining software code that enabled them to use the graphics processing units of subscribers’ computers to mine for bitcoins undetected.

As part of the process, the complaint alleges that Hunczak turned E-Sports’ subscribers’ computers into a botnet for the purpose of mining bitcoins. The bitcoin-mining software code enabled Hunczak to mine for bitcoins only when users were away from their computers.

The State’s complaint alleges that Hunczak created at least four bitcoin “wallet” addresses where he deposited bitcoins mined via the E-Sports botnet. Hunczak allegedly then sold the mined bitcoins, converting them into U.S. dollars and ultimately depositing them into a personal bank account. According to the State’s complaint, Thunberg supervised Hunczak’s activities, provided Hunczak with input, and authorized Hunczak to use company time to develop, create and test the E-Sports bitcoin mining code. E-Sports apparently terminated use of the bitcoin mining code in May 2013 after an E-Sports subscriber discovered it.

The complaint filed today charges E-Sports, Thunberg and Hunczak with violating New Jersey’s Consumer Fraud Act and the State’s Computer Related Offenses Act.

In addition to the $325,000 settlement payout and a general agreement to refrain from any unfair or deceptive acts, E-Sports has agreed under the settlement to a variety of changes in its practices. Among the changes is creation of a new consumer information page that, among other things, will include information on how consumers can restrict, limit, opt-out of, or otherwise control the data or consumer information collected by E-Sports about them or their computers.

The company also has agreed to put in place a privacy and data security program that contains comprehensive privacy controls and procedures, and is designed to ensure the confidentiality of consumer information. As part of the program, E-Sports has agreed to regular testing or monitoring of its security controls. It also has agreed to hire a third-party professional to conduct a Privacy and Security Audit Report covering the first 90 days after the settlement’s effective date and, subsequently, every two years through 2023.

Deputy Attorneys General Jah-Juin Ho, Edward Mullins and Glenn Graham, and Assistant Attorneys General Kevin Jespersen and Brian McDonough, assigned to the Division of Law’s Affirmative Civil Enforcement group, and Investigators Brian Morgenstern and Aziza Salikov of the Division of Consumer Affairs Cyber Fraud Unit, handled the E-Sports matter on behalf of the State.

spacer
spacer spacer spacer
spacer
 
 
Contact OAG About OAG
OAG News OAG Frequently Asked Questions
OAG Library Employment
OAG Grants Proposed Rules
OAG History OAG Services A-Z
OAG Agencies / Programs / Units
Other News Pages Otras Noticias en Español Division of NJ State Police Division of Law News Governor's Office News Division of Highway Traffic Safety News Office of the Insurance Fraud Prosecutor Juvenile Justice Commission News Division on Civil Rights News Division of Consumer Affairs News Division of Criminal Justice News Election Law Enforcement Commission Division of Gaming Enforcement News
NJ State Police News Governor's Office News Division of Highway Traffic Safety News Office of the Insurance Fraud Prosecutor Juvenile Justice Commission News Division on Civil Rights News Division of Consumer Affairs News Division of Criminal Justice News Election Law Enforcement Commission Division of Elections News Division of Gaming Enforcement News Office of Government Integrity News

free PDF plugin

NJ State Police News Governor's Office News Division of Highway Traffic Safety News Office of the Insurance Fraud Prosecutor Juvenile Justice Commission News Division on Civil Rights News Division of Consumer Affairs News Division of Criminal Justice News Election Law Enforcement Commission Division of Elections News Division of Gaming Enforcement News Office of Government Integrity News
   
Contact Us | Privacy Notice | Legal Statement | Accessibility Statement
NJ Home Logo
Departmental: OAG Home | Contact OAG | About OAG | OAG News | OAG FAQs
Statewide: NJ Home | Services A to Z | Departments/Agencies | FAQs
Copyright © State of New Jersey
This page is maintained by OAG Communications. Comments/Questions: email or call 609-292-4925
OAG Home OAG Home NJ State Police News Governor's Office News Division of Highway Traffic Safety News Office of the Insurance Fraud Prosecutor Juvenile Justice Commission News Division on Civil Rights News Division of Consumer Affairs News Division of Criminal Justice News Election Law Enforcement Commission Division of Elections News Division of Gaming Enforcement News Office of Government Integrity News Click to Enlarge Image Click to Enlarge Image Click to Enlarge Graphic Click to enlarge chart Click to enlarge map Click to Enlarge Click to Enlarge Click to Enlarge Click to Enlarge Click to Enlarge Click to Enlarge Click to Enlarge Click to Enlarge Click to Enlarge Click to Enlarge Click to Enlarge Click to Enlarge Click to Enlarge Click to Enlarge Click to Enlarge Click to Enlarge Click to Enlarge Click to Enlarge Click to Enlarge Click to Enlarge Click to Enlarge Click to Enlarge