Browser toolbars are now being used to hijack computers’ performance in order to mine Bitcoins, Malwarebytes has warned.
The security firm said that ‘Potentially Unwanted Programs’, or PUPs, are usually “unnecessary junk for your desktop that usually involves monitoring your surfing/shopping habits”.
However, some of the programs have been found to be used for a secondary purpose – harnessing PCs’ power to mine for Bitcoins.
One program was even found to have the mining capability written into its EULA, and was taking up over 50 per cent of a user’s system resources.
When the user tried to delete the ‘jh1d.exe’ file, it reappeared.
The file was found by the Malwarebytes team to be the popular jhProtominer Bitcoin miner, which was being resurrected after each deletion by a secondary program – ‘monitor.exe’ – made by Mutual Public, a firm also known as We Build Toolbars.
In the EULA for monitor.exe, the EULA included a passage stating: “as part of downloading a Mutual Public, your computer may do mathematical calculations for our affiliated networks to confirm transactions and increase security. Any rewards or fees collected by WBT or our affiliates are the sole property of WBT and our affiliates.”
Adam Kujawa, who wrote the blog post on the Bitcoin-mining PUPs for Malwarebytes, commented: “PUPs have gone to a new low with the inclusion of this type of scheme.”
Kujawa added that while Bitcoin miners are not bad by nature, their use on the computers of unwilling participants was wrong.
“They already collected information on your browsing and purchasing habits with search toolbars and redirectors,” he said of the PUPs.
“They assault users with pop-up ads and unnecessary software to make a buck from their affiliates. Now they are just putting the nails in the coffin by stealing resources and driving user systems to the grave.”
Image of computers mining Bitcoin courtesy of Shutterstock.co.uk