Though it requires active participation from the participant, i.e. visiting the "infected" website. Whereas this method requires no actions on part of the server, beyond behaving normally.
Makes me wonder what other sort of things a given server is participating in without realizing it. I don't see how you could use this exact technique(TCP checksums) to mine crypto, for example, but there might be some relatively common web applications out there that could be exploited in a similar way.