McAfee Web Advisor just told me they prevented crypto jacking on chess.com.

Today I logged onto my laptop and decided to go on chess.com as usual. Only to get a message form McAfee web advisor that they prevented crypto jacking on chess.com. I find this to very concerning. How did it occur. Do I need to be concerned about my security on this site?

McAfee - "We prevented cryptojacking on this site. Your computer is safe and you can keep browsing with confidence."

Staff are aware of McAfee reporting that and are pretty sure it's a false positive. They are contacting them to see what exactly is triggering that on their end

There are premium members getting the warning and no ads are served to them.

Thanks Martin. I often navigate Chesscom when I am not logged in, just to read a blog or article. I've noticed some strange increase in CPU and network traffic the last couple of weeks and now I only navigate on Chesscom logged in to suppress the ads.

I'm not familiar with the blog writing tools, is it possible a blog could be infected?

It shouldn't be possible. You can't embed things like JavaScript just images and videos.

Back in November 2023, Chesscom had a rather large data breach;

https://www.chess.com/forum/view/help-support/warning-extension-on-my-computer-said-that-chess-com-has-been-hacked-recently

This leaked data could be used as phishing targets for installing crypto jacking software disguised to look like sent by Chesscom.

Perhaps Chesscom could inform users if their data was leaked, and explain to them how to spot Phishing Emails Messages.

No, there wasn't a data breach.

Someone used email addresses gleaned from outside sources and the friends option here to find accounts here using those addresses, then used the API to pull publicly available data.