Today in “Things Your Tech Service Shouldn’t Do” we present YourFreeProxy from Mutual Public AKA We Build Toolbars, LLC. The company, which offers proxy servers for routing around firewalls and censorship, has been secretly using its tool to mine Bitcoin using their customer’s computer. This “feature” even appears prominently in their terms of service.
[blockquote]COMPUTER CALCULATIONS, SECURITY: as part of downloading a Mutual Public, your computer may do mathematical calculations for our affiliated networks to confirm transactions and increase security. Any rewards or fees collected by WBT or our affiliates are the sole property of WBT and our affiliates.[/blockquote]
While I suspect they’ll change this once they all wake up from their Thanksgiving slumber on Monday to a swirl of Internet invective, given the processor power required to mine Bitcoin and potential for system degradation, this is a massive affront to the user and a clear abuse of the freemium model. In fact, one user reported to Malwarebytes that they saw a 50% increase in processor usage when they installed the “toolbar.” WBT uses the program jhProtominer run by Monitor.exe to do its dirty work and you can’t delete it thanks to traditional malware persistence techniques.
“In my opinion, [they] have gone to a new low with the inclusion of this type of scheme, they already collected information on your browsing and purchasing habits with search toolbars and redirectors,” writes Malwarebytes’ Adam Kujawa. “They assault users with pop-up ads and unnecessary software to make a buck from their affiliates. Now they are just putting the nails in the coffin by stealing resources and driving user systems to the grave.”
The worst thing, in my opinion, is that mining software could soon be flagged as malware, a problem that could reduce its availability in some settings. In short, it’s bad for everybody, even these WBT scammers.