Browser Plugin Secretly Mines Bitcoins at Your Expense
A browser plugin called YourFreeProxy uses your computer's processing power to mine Bitcoins for its creators.
Some computer programs do more than they advertise — and if so, it's rarely a good thing.
California-based anti-virus company Malwarebytes found that a browser plugin called YourFreeProxy was, aside from its advertised features, using the computers on which it was installed to mine Bitcoins.
MORE: 10 Reasons Coin Card Could Be a Security Nightmare
A Malwarebytes customer first brought the issue to light when he reported an undeletable file on his computer called "jh1d.exe" that was tying up more than 50 percent of his computer's system resources, significantly slowing his machine down.
On closer analysis, Malwarebytes realized that the file was a Bitcoin mining piece of software with the full name jhProtominer.
What does that mean? Bitcoin is a type of digital currency that bases its value not on a centralized standard, but rather on a peer-to-peer computer network accessible through an application and storage system called a Bitcoin wallet.
Bitcoins can be exchanged for other types of currency, or can be mathematically generated in a process called "mining," a potentially time-consuming process that also requires significant computer processing power.
Sign up to get the BEST of Tom's Guide direct to your inbox.
Get instant access to breaking news, the hottest reviews, great deals and helpful tips.
When the Bitcoin network first launched in 2008, one Bitcoin was worth less than a tenth of a cent. A few days ago, however, the value of one Bitcoin broke $1,000 for the first time. Bitcoin trading and mining have never been more lucrative.
But the people unknowingly hosting these secret Bitcoin-mining toolbars won't see a cent of that money. The Bitcoin miner in YourFreeProxy was being remotely controlled via a program called "monitor.exe," ownership of which Malwarebytes traced back to a Las Vegas-based company called Mutual Public, or We Build Toolbars.
Thanks to some careful wording in its End User Licensing Agreement (EULA), Mutual Public's bitcoin mining may be legal, if also deceitful. The EULA states that "as part of downloading a Mutual Public, your computer may do mathematical calculations for our affiliated networks to confirm transactions and increase security. Any rewards or fees collected by [We Build Toolbars] or our affiliates are the sole property of WBT and our affiliates."
In other words, by downloading Mutual Public's software, users are ostensibly agreeing to let the company use their computers' processing power.
"Take note if your system is running especially slow or if a process is taking up massive amounts of your processing power," writes Malwarebytes' Adam Kujawa on the company blog. "It might be malware or even a [potentially unwanted program] running a miner on your system."
To defend against malware intrusions on multiple platforms, please see our pages on the best antivirus software, the best Mac antivirus software and the best Android antivirus apps.
Email jscharr@techmedianetwork.com or follow her @JillScharr and Google+. Follow us @TomsGuide, on Facebook and on Google+.
Jill Scharr is a creative writer and narrative designer in the videogame industry. She's currently Project Lead Writer at the games studio Harebrained Schemes, and has also worked at Bungie. Prior to that she worked as a Staff Writer for Tom's Guide, covering video games, online security, 3D printing and tech innovation among many subjects.