Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

Bitcoin mining function embedded inside rogue EULAs, Malwarebytes warns

Currency boom drives new wave of PUPs

Article comments

The booming Bitcoin price is driving rogue software firms to embed mining functions inside apparently innocent tools that come with End User Licence Agreements (EULAs) legitimising the behaviour, security firm Malwarebytes has warned.

The firm said it had recently received a report on the ‘Your Free Proxy’ tool distributed by US outfit We Build Toolbars LLC which had been consuming 50 percent system resources on one user’s PC.

A closer look revealed that the tool been installed with the hidden Bitcoin miner ‘jhProtomine’, a fact that was cheekily referenced in its catch-all EULA.

“COMPUTER CALCULATIONS, SECURITY: as part of downloading a Mutual Public, your computer may do mathematical calculations for our affiliated networks to confirm transactions and increase security. Any rewards or fees collected by WBT or our affiliates are the sole property of WBT and our affiliates,” read the key EULA paragraph.

Bitcoin mining of this type is not new but the tactic of embedding the permission inside a EULA is still novel. Malwarebytes classifies the program as a Potentially Unwanted Programme (a PUP), a long-established form of software annoyance where users get a lot more than they bargained for, usually in the form of interference to their browser settings.

In the past largely employed by small US-based firms, the PUP tactic has fallen out of favour in the face of the wave of aggressive East European malware that has made it almost impossible to install anything with suspicion being raised.

However, until the US authorities stamp down on it Bitcoin mining might temporarily rejuvenate the category.

“In my opinion, PUPs have gone to a new low with the inclusion of this type of scheme, they already collected information on your browsing and purchasing habits with search toolbars and redirectors,“ said Malwarebytes researcher, Adam Kujawa.

“They assault users with pop-up ads and unnecessary software to make a buck from their affiliates. Now they are just putting the nails in the coffin by stealing resources and driving user systems to the grave.”

Malwarebytes’ message is to expect more where this came from, at least as long as the surge in the value of Bitcoins continues. Bitcoins are also designed to get more difficult to mine over time which could be driving the demand to distribute the workload across botnets of slave computers.

There is hard evidence that the criminal underworld sees Bitcoin mining as an interesting sideline. Last week, a security firm discovered a version of the Atrax malware kit with a module capable not only of mining the currency behind the user’s back but stealing it from digital wallets.


More from Techworld

More relevant IT news


Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *