back to article That toolbar you downloaded is malware? Tough, read the EULA

Security software vendor Malwarebytes has highlighted what it says is an increasing trend for malware authors to embed Bitcoin mining into things like browser toolbar helpers and search agents. That's not so new, but its latest observation is that the malware-peddlers are trying to tie up suckers with their license agreements …

COMMENTS

This topic is closed for new posts.
  1. ratfox
    Unhappy

    Meh… EULAs

    It is impressive how EULAs and other T&Cs can contain so much crap, without any clarity on what is legal or not. I would think that good lawyers could put a hole through this particular one, but in general the field is full of gray.

    1. Jamie Jones Silver badge

      Re: Meh… EULAs

      Exactly.

      People seem to think that if something is in the EULA, it must be binding. - If you agreed in an EULA to kill your first-born, guess which response would be legal?

      1. John Tserkezis

        Re: Meh… EULAs

        "People seem to think that if something is in the EULA, it must be binding. - If you agreed in an EULA to kill your first-born, guess which response would be legal?"

        Everything in a EULA is absolutely binding unless there is a constrasting local, state, federal, international or other law or legal allowance. Killing your first born, or, obtaining money by deception is covered. So they *could* in theory put it in there, but it's not legally enforeable.

        However, stealing IOPS by deception is not covered by any other law, so they're allowed to do that. The EULA stands. It's slimey, but it stands.

        1. ratfox

          Re: Meh… EULAs

          "Everything in a EULA is absolutely binding unless there is a constrasting local, state, federal, international or other law or legal allowance. "

          I doubt that. Instead of killing your first born, try "I owe Microsoft one million dollars for every second I use this product". Giving money is legal, but I don't think it would fly either.

          1. John Tserkezis

            Re: Meh… EULAs

            "I doubt that. Instead of killing your first born, try "I owe Microsoft one million dollars for every second I use this product". Giving money is legal, but I don't think it would fly either."

            No, you perhaps don't understand. The EULA isn't the place for pricing, nor the licence agreement. But if you said something along the lines of "you allow us to charge your credit card for in-app purchases", and bury the actual prices somewhere else in a two point font that's hard to read because of the background, that's legal.

            Take for instance the CandyCrush (children's iPhone and Android game) scam that's being run now on TV. By law, they're required to state their fine print on screen. They do, with an intentional low resolution still image, where the text is so far obscured due to a small font that it's undreadable, in front of a background that makes it even less readable. So you go to their website where EVERYTHING works perfectly as you'd expect - except the "Terms And Conditions" link, which is obscured behind some odd java. Working past that and reading it reveals their host company is a gambling outfit. Yep, they're trying to start them young.

            But too late, your six year old badgered you into buying into it - and you didn't read a damn thing.

            In Australia, there is provision for getting out of contracts you (technically) agreed to, if you were "badgered" into it. This was primarily to allow for the rouge power retailers and long distance phone setups that became well-known for berating pensioners into buying their wares.

            But that doesn't work if your six year old was the one in your ear....

        2. Anonymous Coward
          Anonymous Coward

          Re: Meh… EULAs

          "However, stealing IOPS by deception is not covered by any other law, so they're allowed to do that."

          IANAL but I'd guess that the law against Abstracting Electricity might stand a chance against them. After all, it is not the stolen IOPs that you care about., It is in the excess electricity that those IOPs used, and that you had to pay for, where you can demonstrate that you have been bilked.

        3. Vociferous

          Re: Meh… EULAs

          > Everything in a EULA is absolutely binding

          Really? Where and when did I sign the contract? And if I didn't sign, how is it a contract at all?

          In most of the civilized world, EULA's are not considered contracts, and we should all pray that it remains that way.

          My favorite EULA is the one Sony bundled with all their audio CD's back in the day when they also added stealth-installed spyware in their audio CD's, a 17 kilobyte monstrosity Sony has since DMCA'd off the net -- but I still keep a copy to show people how absurd EULA's are. That particular EULA is brimming with illegal terms, like that you may never sell the CD, you can not sue Sony ever, for any reason, can only communicate with Sony through the court of Orange County, USA... and if you make a copy of a Sony audio CD, Sony owns your entire CD collection.

    2. Crisp

      Re: Meh… EULAs

      As a consumer, there's no way any contract can remove or override your statutory rights under UK law.

      1. Anonymous Coward
        Anonymous Coward

        Re: Meh… EULAs

        Under UK contract law there is a clear statement that an "unfair" contract, even if it has been voluntarily agreed to by all of the parties, cannot be enforced. The gotcha here is that what constitutes "unfair" has to be left to a judges discretion; he might agree that these terms are unfair (on the basis you are having your processor, and hence electricity, used for a purpose that you cannot gain any material or immaterial benefit from), but there again he might decide otherwise.

    3. localzuk Silver badge

      Re: Meh… EULAs

      You'd think good lawyers would do that, but the problem is the nature of the civil suit system. What happens is, someone gets a lawyer to lodge a suit, the company then ums and ahs about it, and before it gets to trial they settle. So, you never end up with a legal ruling.

      Which means no-one ever gets any decent guidance on what would be legal or not in T&Cs.

    4. Anonymous Coward
      Anonymous Coward

      Re: Meh… EULAs

      Human Cent-iPad anyone?

  2. C. P. Cosgrove

    Unfair to on-line retailers !

    "WBT uses a custom installer, Monitor.exe, which it serves up from Amazon"

    While I have no connection with Amazon other than as an occasional customer, I feel this is a little unfair to them. Unless I have completely misunderstood the Malwarebytes PDF referenced in the article, this PUP is stored on Amazon's cloud, not dished up with any software you might download from Amazon themselves.

    Chris Cosgrove

    1. DiViDeD

      oxymoron alert

      'Good' is not a word I ever expected to see in a sentence that also included 'lawyer' unless it also included the phrase 'up to no'

      1. Stratman

        Re: oxymoron alert

        "'Good' is not a word I ever expected to see in a sentence that also included 'lawyer' unless it also included the phrase 'up to no'"

        Or 'kicking'

  3. Anonymous Coward
    Anonymous Coward

    What about a web hosted email service using ssl, you host and setup logins for the customer? Of course it does depend on the file size.

    1. Destroy All Monsters Silver badge
      Paris Hilton

      What exactly is it you are saying?

      1. Anonymous Coward
        Anonymous Coward

        I'm saying that when I worked for a ftse100 company who needed pension info files sent to them, we gave our customers logon to a web hosted email server which we hosted so they could securely email files where they were required.

        I am also quite drunk, so apologies for incoherence.

        1. David Webb

          Drunk? You're past drunk and into "posting in the wrong thread".

          Here is where you wanted to be

          1. Jamie Jones Silver badge
            Happy

            I wouldn't normally make a post like this, but:

            "HAHA! Best thread ever!"

          2. Anonymous Coward
            Anonymous Coward

            Thank you, yes I just realized that... Hmm, really not sure how that happened, must go to bed now... :)

        2. Anonymous Coward
          Anonymous Coward

          Drunk posting

          The problem with your post is that you appear to be responding to an entirely different article to the one you have posted your comment on!

  4. Anonymous Coward
    Anonymous Coward

    "do mathematical calculations ... to confirm transactions and increase security"

    How do those stated purposes equate to bitcoin mining? Seems like the EULA doesn't cover it at all.

    1. MondoMan

      Re: "do mathematical calculations ... to confirm transactions and increase security"

      evil KOSer: bitcoin mining works by finding a hash value between 0 and the publicly-known "target" for that round. Each hash attempt processes (among other things) a link to the previous "block" in the bitcoin transaction database and new transactions to be added to the database. Hashes are "mathematical calculations". The target value is set to be positive, but low enough that it is difficult to find a desired hash value, thus increasing the security of the protocol. Once transactions have been included in a new block with hash value below the target value, they are considered to be confirmed.

      1. Anonymous Coward
        Anonymous Coward

        Re: "do mathematical calculations ... to confirm transactions and increase security"

        @MondoMan and @AC : thanks for the explanations. I see now how "confirm transactions and increase security" relate to the bitcoin activity.

        The thing is, though, it makes no mention of that activity and to any reasonable reader of the EULA the words relate to the expressed functionality of the tool being installed.

        So to my mind agreement to the EULA does not constitute agreement to the bitcoin mining, and that activity should be considered an offence under the appropriate laws (eg UK Computer Misuse Act).

        1. Matt_payne666

          Re: "do mathematical calculations ... to confirm transactions and increase security"

          Justakos, its not obvious, but its not misleading, they are just explaining the background as opposed to advertising their reward... no toolbar is 'free' and the fact that they are making money for authenticating the bitcoin chain is no different to them making money selling your search results or supplying advertising....

          One of the advantages of metro internet explorer is the death of the 3rd party toolbar!

          1. Anonymous Coward
            Anonymous Coward

            Re: "do mathematical calculations ... to confirm transactions and increase security"

            @Matt_payne666 :

            I don't really think 'misleading' is enough. There would be no need to mention the processing at all if it was just for explanation. I think it is an attempt to get the user to approve processing that they are unaware of.

            The way it is written, with no mention of the purpose of the processing, the user is left with the impression that it is a necessary part of the tool that they are installing.

            I think deceit isn't too strong a word.

    2. Anonymous Coward
      Anonymous Coward

      Re: "do mathematical calculations ... to confirm transactions and increase security"

      The process of mining a bitcoin involves solving a reverse hash problem on the bitcoin transaction chain. A valid solution to the problem allows the latest transactions at the head of the chain to be confirmed and consolidated into the ongoing chain. So that description does pretty much describe the process of mining.

  5. Don Jefe

    Isn't this akin to your mechanic using your car at the racetrack when he was only supposed to be changing the oil and keeping the purse if he wins?

    1. Anonymous Coward
      Anonymous Coward

      I was about to reply, "Well, at least this thing won't crash yo--", and then thought, "actually it's not a bad analogy..."

      1. Great Bu

        Good News !

        I changed your oil and spark plugs and as a bonus I can confirm that your air bags work (ed) !

    2. ElReg!comments!Pierre

      Mechanic

      Well, to be honest he does change the oil for free; I don't see much of a difference between this and innundating the user with ads or selling your data for market analysis. All are evil(TM) way of retributing "free" crapware (the alternate POV is that the free crapware is a disguise to distribute money-making infections, à la "$CELEB nude pics screensaver" ). Just another reason to forbid stoolbars, and to keep the LART at hand for the lusers who do download them.

      1. Don Jefe

        Re: Mechanic

        Who changes your oil for free?

        But yes, toolbars and all that crap are horrible inventions.

        1. ElReg!comments!Pierre

          Re: Mechanic

          > Who changes your oil for free?

          The mechanic in the original analogy

  6. Anonymous Coward
    Anonymous Coward

    It's this sort of shit that plays into the hands of Apple and Microsoft who want to kill off 3rd party hosting of software and channel everything through their app stores.

    With full power comes great responsibility. The scum who write this trojan style software have a lot to answer for.

    1. Eddy Ito

      The question then becomes, how long will it be before the big players start doing the exact same thing? It seems to me the lines could be injected into any EULA including ones from Apple, Google or Microsoft and it could be written into the OS or worse, anything produced with Xcode, Visual Studio, etc.

      1. ecofeco Silver badge

        "The question then becomes, how long will it be before the big players start doing the exact same thing?"

        Who says they aren't?

  7. Piro Silver badge

    It's a huge waste of time to attempt BTC mining on a normal PC

    It's not even worthwhile on large GPU arrays now, with the ASIC miners out there.

    There's no real reason for this stuff to mine BTC. But other random cryptocurrencies that still have relatively low burden and possible trading use? Sure.

    Even then, only really if the machine has a decent graphics card..

    1. Colin Miller

      Re: It's a huge waste of time to attempt BTC mining on a normal PC

      If you're not paying the 'leccy bill, then it might be, even if all your victims in total only give you one bitcoin.

      1. MondoMan
        Terminator

        Re: It's a huge waste of time to attempt BTC mining on a normal PC

        The mining will be so slow that you will never win the "race" to the next successful hash. Since it's a first-past-the-post system, you get nothing, as each time just dividing the work among your army of very slow bitzombies will take more time than others use to actually complete their solution with their compact high-power miners and win the round.

        1. Anonymous Coward
          Anonymous Coward

          Re: It's a huge waste of time to attempt BTC mining on a normal PC

          that is what the pools are for you troll.

    2. Anonymous Coward
      Anonymous Coward

      it's a question of scale ..

      They aren't trying to mine on _a_ normal PC, they're trying to mine on several million of them.

      Anything they make is free money.

    3. Anonymous Coward
      Anonymous Coward

      Re: It's a huge waste of time to attempt BTC mining on a normal PC

      Let's assume 10k-100k downloads as a "successful" toolbar.

      That's not really mining from a "normal PC" now is it?

      1. Anonymous Coward
        Anonymous Coward

        Re: It's a huge waste of time to attempt BTC mining on a normal PC

        Indeed. even if the toolbar is forced to mine using the CPU, even an old school crap CPU should get 700kh,

        multiply by 100k and you have 70gh/s surely enough to make some change?

  8. Long John Brass

    An idea for google

    Instead of plastering advertising all over the web

    When you use their search engine, it mines for bitcoins or whatever

    Could this finally be a business model for the likes of twatter?

    1. xperroni

      Re: An idea for google

      My thoughts exactly. Pay for software with your spare CPU cycles – a viable business model for the Internet era at last!

      1. Destroy All Monsters Silver badge

        Re: An idea for google

        I would rather run Seti@Home for free.

  9. Anonymous Coward
    Anonymous Coward

    The really sad bit is most users (who even hear about this) won't give a fuck if someone else is stealing their clock cycles to get rich, just as long as facebook loads fast enough for them.

    1. Old Handle

      It might actually be noticeable. In my brief stint GPU mining bitcoins, back before they were hundreds a piece, I found it was enough to introduce a small but annoying lag in mouse movements. It also sucked up an extra 60 watts or so.

    2. Adam 1

      They may complain once they realise their 6 hour battery is flat in under 2 and it is hot enough to fry an egg.

      1. Destroy All Monsters Silver badge

        I'll give your slow!

        Put Einstein@Home on your CUDA device and you will notice your machine is suddenly a fat cow.

  10. ecofeco Silver badge
    Facepalm

    EULAs suck

    But "helper" toolbars suck suck even worse and have since the days of Pointcast.

    1. VinceH

      Re: EULAs suck

      You know that. I know that. Typical readers of El Reg know that.

      But many people don't. Many people don't even know what one is, even AFTER it's been installed on their computer as part of the process of installing something else because they didn't see/understand the pre-ticked box, and the toolbar has, as a result, appeared at their browser.

      All they know is "all the extra buttons just appeared" at some point - often more than one lot at different times - making the browser window smaller, and now they've noticed the computer's a bit slow accessing the web.

  11. revdjenk

    Why is it...?

    ...that Linux specific problems (like the wifi router fail) have that OS' name prominent, but this one does not have Windows or Microsoft attached to it at all?

    C'mon!

    1. Jamie Jones Silver badge
      Facepalm

      Re: Why is it...?

      I'm a long time unix hacker, and hate Windows as much as the next guy, but are you really complaining about pro-MS bias here at the Reg? !!

      Besides, in all fairness, if this was an article about a toolbar program on Linux, and someone blamed the OS, I'm sure you'd soon call foul

  12. Winkypop Silver badge
    WTF?

    Browser toolbars?

    What year is this again?

    1. Haku

      Re: Browser toolbars?

      It doesn't matter what year it is, so long as there are people who can be tricked into installing crap then there will be other people putting crap out there.

    2. I ain't Spartacus Gold badge

      Re: Browser toolbars?

      I cleaned about 10 various toolbars, and a few more 'download helpers' off my sister-in-law's PC last night. When I turned it on, there were 86 processes running, after I'd run Malwarebytes, there were 60 left.

      I can't remember the last time I looked at a friend's PC for them and didn't find some toolbar they knew nothing about and never used. Even though most of the time it's just the Google one. The Google Toolbar and Chrome load themselves onto people's computers just like malware. Although at least Chrome has some use - I've no idea what the Google toolbar is for.

      Apple stopped bunging Safari out this way, so I guess there's still hope for Google.

  13. Anonymous Coward
    Anonymous Coward

    Is there a feasible way

    To patch or alter the bloody miner exe in order to wreck the whole bitcoin stuff ? Something close to what a carefully crafted virus did to Iranian nuclear program ?

    1. This post has been deleted by its author

  14. Tom 64

    jhProtominer

    jhProtominer doesn't mine bitcoin, but a precursor for bitshares.

    The work this does on your CPU cannot really be done on a GPU, but the resulting protoshares can be traded for BTC at an exchange.

    Do your research before starting a flame war.

    1. Jamie Jones Silver badge
      Facepalm

      Re: jhProtominer

      That's OK then (!)

  15. J.G.Harston Silver badge

    No contract can bind you to break the law. Any such contract that so attempts to bind one is itself void.

  16. Christian Berger

    I'm always surprised at the naivity of people

    I mean seriously, what do you expect to happen if you download software the creator refuses to give you the source code? Why would anybody keep the source code from you other than wanting to defraud you?

    1. Jess

      Why would anybody keep the source code from you other than wanting to defraud you?

      I can think of many reasons, but if you qualify that to free software from an unknown company, then your point becomes somewhat more valid.

    2. Jamie Jones Silver badge

      Re: I'm always surprised at the naivity of people

      We are well past the days when computers were just used by geeks....

    3. This post has been deleted by its author

    4. Sean Timarco Baggaley

      Re: I'm always surprised at the naivity of people

      @Christian Berger:

      "I mean seriously, what do you expect to happen if you download software the creator refuses to give you the source code? Why would anybody keep the source code from you other than wanting to defraud you?"

      What earthly use is the bloody source code to someone who has no clue about programming?

      People who can read source code and understand what it does – and who also happens to have lucked-out in becoming expert[1] in the same programming language(s) as the original developer – are unlikely to be ignorant enough to install such malware in the first place!

      However, NOBODY can be an expert in every field of human endeavour. IT is just one field among many. How would you like to be told that you got exactly what was coming to you every damned time your ignorance of a particular subject betrayed you? How would you like it if every time you failed to make a multinational corporation compliant with the likes of Sarbanes-Oxley and ISO 20001, you saw someone pointing and laughing at your ignorance and calling you a "n00b"?

      So much for your accusation of naïveté: We are ALL ignorant. We're just ignorant about different things.

      Most people don't want to build their cars from scratch, nor do they particularly care how they work. They'll happily buy a Ford Fiesta, or a BMW, or whatnot, and simply drive the thing. All cars share one common feature: their core user interface. Some details will change from car to car, but if you've learned to drive in a Vauxhall Astra, it's a fair bet you can work out how to drive a FIAT Punto or any other make and model of car built since the 1950s.

      For every James May, who could cite chapter and verse from the relevant Haynes manual for each car, there are a hundred Jeremy Clarksons, who couldn't give a toss how the bloody machine actually works. Yet most developers still believe everyone who has any contact at all with a computer should be like James May.

      The IT industry has moved on quite a bit since the 1960s and '70s.

      Open Source has become an anachronism. It is very much part of the problem, not the solution. Forget GNU, Stallman and the FOSS movements: they're yesterday's causes. The problem today isn't source code, but interfaces[2].

      Not just in the software, but across the entire chain – from box art to silicon chip, from API to documentation – it's all about interfaces, not code.

      End users should not be required to read complicated EULAs to determine whether the code they've downloaded actually does what it says on the tin. Why shouldn't they be able to pay for virtual gatekeepers to screen such things on their behalf? This is exactly why companies like Apple and Amazon have opted to provide such "gated communities[3]" for their users.

      Developers – and the IT community in general – really have only themselves to blame for this: you'll have massive flamewars over trivialities like tabs vs. spaces, while criticising the poor bloody users who have to put up with the ill-designed, barely usable, and barely-supported tripe you expect them to learn how to use. And then you think nothing of bundling in someone else's crap with your "free" software, because your definition of "free" isn't the same as the one in the dictionary.

      The IT industry's problems aren't Apple's, Google's, Microsoft's or anyone else's fault but yours. You've had half a century of power, but you've chosen to ignore all the responsibilities that come with it. It's time that changed.

      [1] There is a veritable Babel of programming languages out there, and merely reading some books and tinkering about with each of them does not make you an expert.

      [2] This will come as a shock, but some of you clearly haven't understood what the "I" in "API" actually stands for. Or the purpose of good documentation. Similarly, a published data format is also an interface. Interfaces are everywhere.

      [3] Google Play is the only "walled garden" out there. It has gardeners who react to problems after they've happened, not gatekeepers who stop the problems getting in in the first place.

      1. Mark .

        Re: I'm always surprised at the naivity of people

        I think the OP comments about source code is wrong, but I disagree with several of your points too.

        Open source does have the benefit that even if I don't understand the source code, there are many independent people who do. (So, for an on-topic example, trusting the official bitcoin clients because they are open source).

        Developers and the IT community include those that work for the big multinational companies, so it's unclear who you're arguing for or against here - you can't really separate into two distinct groups.

        For "gatekeepers" vs "walled gardens", i.e., pre vs post approval, each has their pros and cons. It's unclear that one is more secure than the other: gatekeepers may miss exploits until they are reported - certainly this has happened with things like copyright violations (e.g., VLC on IOS) which have then had to be dealt with the same as on Google Play. On Apple, the gatekeepers have abused the power to block all sorts of things, nothing to do with stopping malware. On Amazon, the gate means far fewer people put their software there at all. All reported malware on Android have AFAIK not been hosted on Google Play.

        I think people should be free to choose a moderated (whether pre or post) application site - indeed, that's why it's best of all if people have the choice. So on Android, if you think Amazon is more secure, you can do so; but a Kindle Fire user can't decide to use Google Play. On platforms like Windows and Linux, you have your pick of sites and communities to download from.

        I don't see that this has anything to do with EULAs though - you're right, users shouldn't have to read complicated EULAs, but IOS's software site has its own EULA/TOS that is required to be placed on all applications. Indeed, the Open Source you criticise is one of the few examples of software that does not require you to agree to anything (unfortunately some apps do insist you agree to the GPL, but the GPL explicitly states you don't have to - it's a licence, not a contract).

      2. Sander van der Wal

        Re: I'm always surprised at the naivity of people

        Hear hear.

  17. Anonymous Coward
    Anonymous Coward

    EULA's are not binding if

    1) they are presented after the consideration for the contract has been paid, or,

    2) there is no consideration

    1. Bluenose

      Re: EULA's are not binding if

      With respect to your point 2, whilst a contract must have consideration a license is not the same thing. You may well enter in to a separate contract for the procurement of the goods which are in turn subject to a separate license which dictates how those goods may be used. Therefore a license is still valid without consideration; else why do we have the wide variety of Open Source license agreements for products which are often provided free of any charge?

      Secondly consideration is not always monetary in nature, consideration is simply the provision of something of value in return for something of allegedly similar value. Therefore it could be argued that the consideration in this instance would be that the permission to allow the software to mine Bitcoins is provided in return for the provision of the functionality in the toolbar.

      However, there in England and Wales there may be a number of legal points on which the user could argue against having accepted the license terms such as the fact that the mining of Bitcoins is not linked to the purpose of the toolbar. Where there is a gap in the relationship between the purpose of the software and the license then a court may rule those elements of the EULA which are not relevant to the use of the toolbar are void. English law also takes a dim view of EULAs that seek to introduce terms which the user cannot challenge or negotiate out so again the court may rule in favour of the individual. Finally, if the user incurs charges that were not made clear at the point that the contract was struck (e.g. additional power charges, wear and tear on the computer, use of bandwidth, etc) then this would be a potential breach of the Sale of Goods and or Services legislation and therefore unenforceable in law.

      Please note I am not a lawyer but have an understanding of elements of commercial and contract law.

  18. buyone

    All end user contracts should be limited to one readable page.

    Any contract that can't be read should be unenforceable.

  19. Pascal Monett Silver badge

    Remind me again

    Is there even just one good reason to install a toolbar ?

    Any toolbar ?

    Someone ?

    1. wyatt

      Re: Remind me again

      Dunno but if you find one let my mother in law know, she has about 5 or 6 on the go at one time. I tried removing them but got shouted at as she 'used them'. Dunno how as they took up half the screen.

    2. Badvok

      Re: Remind me again

      Dunno about useful, but when major, supposedly reputable, corporations push them so flagrantly, is it any wonder that some people think they might be?

      I wonder whether Ask would even exist if it wasn't for the diligent efforts of Oracle to push their crap.

  20. Greg D
    Stop

    they should pass a new law on EULA's

    to make them no longer than an A4 page of text, with bullet points only, and large font.

    The reason no one reads them is because they are so ridiculously long worded and full of ambiguous language that could basically mean anything when applied in any context.

    Edit: Spelling :|

  21. This post has been deleted by its author

    1. Chozo

      'Linux' is not some magical pixie dust that wards off evil..

      If the web browser is allowed to run javscript then it can be enslaved.

  22. Anonymous Coward
    Anonymous Coward

    I recall an amusing EULA for an independent software package - it was the usual box that you had to scroll through fifty pages of in order to get it to let you click 'OK'. If you did this too rapidly, it would pop up a box saying, "You just read that whole EULA in 1.7 seconds. Would you like to go back and have another look?" or something similar.

    I didn't go back to have another look, but I had to give the guy credit for hanging a lantern on the absurdity.

  23. codeusirae
    Trollface

    Amazon bitcoin mining malware ..

    Ban this Amazon bitcoin mining malware immediately ..

    1. NumptyScrub

      Re: Amazon bitcoin mining malware ..

      This belongs to Amazon the same way that all Windows Updates belong to Akamai. The downloads are hosted on Amazon servers, but the software itself is written and maintained by someone else entirely.

      From the article:

      "According to this post, the miner in question is jhProtominer, and it's being installed by a crowd called We Build Toolbars (WBT).

      WBT uses a custom installer, Monitor.exe, which it serves up from Amazon, to start up the Bitcoin miner on the user's system"

      In this case you want to be ranting about "We Build Toolbars" :)

This topic is closed for new posts.

Other stories you might like