The Coinhive miner which mines for the Monero cryptocurrency was found on the websites of Showtime Networks on Saturday but the company has yet to make any public statement about it.
The mining software was found on the domains showtime.com and showtimeanytime.com, which hosts the company's online video streaming service.
When iTWire checked at 9.40 AEST, the code had been removed.
Showtime Networks is a subsidiary of CBS Corporation that looks after the company's premium cable television channels, including its flagship service Showtime.
{loadposition sam08}Troy Mursch, a researcher at Bad Packets, noted that the presence of the miner had been first mentioned by a Twitter user named SkensNet.
@Showtimeanytime @Showtime https://t.co/3OO1i4RdOi looks to have been hacked. In your source code - "https://t.co/D6uFZJgzSe"
— SkensNet (@skensnet) September 23, 2017
He said Coinhive was a JavaScript library that could be embedded into any website.
"Once a user visits the website, they unwittingly start mining the cryptocurrency Monero. This can put a tremendous load on the CPU of anyone who visits a website with the Coinhive miner on it," it said.
Coinhive was recently noticed on The Pirate Bay site by the website TorrentFreak. When users of the site made their objections on the subreddit for The Pirate Bay, the miner was removed.
The code for Coinhive in the source code for the Showtime Anytime website.
Mursch said he had reviewed a cached copy of the Showtime Anytime website dating back to 21 September 21:31:06 GMT and this did not have the Coinhive code.
A version from the Internet Archive dated 18 September 10:06:54 GMT was also clean, he said.
The security firm MalwareBytes, said after the miner was discovered on The Pirate Bay that there appeared to be a trend lately for publishers to monetise their traffic by having their visitors mine for cryptocurrencies while on their site.
However, the mining sometimes continued after a user had left the site. "There is one exception here, in that in some cases, loading the JavaScript mining code once is enough, no matter whether the user decides to change site afterward, the mining will continue. This particular abuse technique affects Internet Explorer," the company said.
Screenshot: courtesy Bad Packets