Sneaky Software Turns Your PC Into a Bitcoin-mining Zombie -- and Owns Up to it in the EULA
As the Bitcoin bubble inflates to over $1,000 per unit, legions of newcomers are scrambling to join the digital gold rush. For some companies, that means accepting the currency at online checkout counters; for others, it means releasing PC hardware designed to "mine" new Bitcoins at blistering rates. But an unscrupulous few have turned in a more sinister direction, covertly converting users' hardware into Bitcoin-mining zombies.
Mon, December 02, 2013
PC World — As the Bitcoin bubble inflates to over $1,000 per unit, legions of newcomers are scrambling to join the digital gold rush. For some companies, that means accepting the currency at online checkout counters; for others, it means releasing PC hardware designed to "mine" new Bitcoins at blistering rates. But an unscrupulous few have turned in a more sinister direction, covertly converting users' hardware into Bitcoin-mining zombies.
The E-Sports Entertainment recently agreed to pay a $1 million settlement after secretly installing Bitcoin mining software on more than 14,000 computers nationwide. But this holiday weekend, the makers of the superb Malwarebytes anti-malware software shined a light on a new type of malicious miner--one that announces its plans right in the installation agreement.
Malwarebytes says that the "Your Free Proxy" software by We Build Toolbars, LLC, includes the innocently named "Monitor.exe," which not-so-innocently "beacons out constantly, waiting for commands from a remote server, eventually downloading the [jhProtominer mining software] and installing it on the system."
Bitcoin mining is an intensive process that strains your CPU and GPU alike, to the point of drastically slowing down your system (depending on your setup).
IN YOUR FACE!
Secret commands and secret Bitcoin mining software installed by slyly named executables just screams "MALWARE!" doesn't it? Well, not technically. Malwarebytes scrounged up the following interesting tidbit in Your Free Proxy's EULA:
COMPUTER CALCULATIONS, SECURITY: as part of downloading a Mutual Public, your computer may do mathematical calculations for our affiliated networks to confirm transactions and increase security. Any rewards or fees collected by WBT or our affiliates are the sole property of WBT and our affiliates.
Yep, Your Free Proxy flat-out says it plans to thrash your CPU in a quest for digital gold, literally banking on the fact that no one--no one--reads EULAs or TOS agreements.
Malwarebytes has labeled We Build Toolbars' software as a "Potentially unwanted program," or PUP.
"In my opinion, PUPs have gone to a new low with the inclusion of this type of scheme, they already collected information on your browsing and purchasing habits with search toolbars and redirectors," Malwarebytes' Adam Kujawa wrote. "They assault users with pop-up ads and unnecessary software to make a buck from their affiliates. Now they are just putting the nails in the coffin by stealing resources and driving user systems to the grave."
If you don't like the idea of shady software putting your PC's pedal to the metal under your nose, grab a solid anti-malware program and read up on how to protect your PC against the Web's most devious security traps. (Yes, Malwarebytes is in there.) This episode drives home another point, as well: Make it a point to read the EULA of any software you install--or at least utilize the services of a legalese scanner like the superb EULAyzer donationware.