Categories: SecurityWorkspace

Warning: Bitcoin Mining Beast Made Legit Via Licence Agreement

A piece of Bitcoin mining software has been thrust on to users’ machines and apparently made legal by including a permission to suck up compute power in the end user licence agreement (EULA).

Described as a potentially unwanted program (PUP), the Bitcoin miner appears to be downloaded alongside browser software from an organisation known as Mutual Public, or We Build Toolbars.

Bitcoin miner PUP

According to a file dug up by Malwarebytes, the EULA says that “as part of downloading a Mutual Public, your computer may do mathematical calculations for our affiliated networks to confirm transactions and increase security”. “Any rewards or fees collected by WBT or our affiliates are the sole property of WBT and our affiliates,” it adds.

Malwarebytes traced a “monitor.exe” file back to Mutual Public, discovering that it was downloading the Bitcoin miner from a remote server.

Bitcoin miners carry out the difficult mathematical problems required to unlock new Bitcoins. Crooks like to install Bitcoin miners on users’ systems and building significant-sized botnets, but it appears some have started to legitimise the process  using EULAs.

“In my opinion, PUPs have gone to a new low with the inclusion of this type of scheme, they already collected information on your browsing and purchasing habits with search toolbars and redirectors,” said Adam Kujawa, lead malware intelligence analyst at Malwarebytes, in a blog post.

“Already assaulted users with pop-up ads and unnecessary software to make a buck from their affiliates. Now they are just putting the nails in the coffin by stealing resources and driving user systems to the grave.”

Bitcoin hit fresh highs last week, as the value for 1 BTC shot up over the $1000 mark.

What do you know about Bitcoin? Take our quiz!

Thomas Brewster

Tom Brewster is TechWeek Europe's Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

3 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

3 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

3 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

4 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

4 days ago