“Norton 360, one of the most popular antivirus products on the market today, has installed a cryptocurrency mining program on its customers’ computers,” reports security researcher Brian Krebs.
The Verge follows up:
The TL;DR is that yes, Norton does install a crypto miner with its software, without making that clear in the initial setup process. But it isn’t going to do anything unless you specifically opt in, so it’s not a situation where you’ll install the security suite and instantly start seeing your computer lag as it crunches crypto in the background.
A NortonLifeLock spokesperson also told The Verge in an email that you can completely remove NCrypt.exe by temporarily turning off Norton’s tamper protection feature, and then deleting the executable. We confirmed that ourselves, and it could be good news for anyone worried about Norton remotely activating the feature.
But Krebs reports the product has drawn some bad reactions — and not just because Norton is keeping 15% of the currencies mined: [M]any Norton users complain the mining program is difficult to remove, and reactions from longtime customers have ranged from unease and disbelief to, “Dude, where’s my crypto…?”
According to the FAQ posted on its site, “Norton Crypto” will mine Ethereum cryptocurrency while the customer’s computer is idle. The FAQ also says Norton Crypto will only run on systems that meet certain hardware and software requirements (such as an NVIDIA graphics card with at least 6 GB of memory). “Norton creates a secure digital Ethereum wallet for each user,” the FAQ reads. “The key to the wallet is encrypted and stored securely in the cloud. Only you have access to the wallet.” NortonLifeLock began offering the mining service in July 2021…
[M]any users have reported difficulty removing the mining program.
From reading user posts on the Norton Crypto community forum, it seems some longtime Norton customers were horrified at the prospect of their antivirus product installing coin-mining software, regardless of whether the mining service was turned off by default. “How on Earth could anyone at Norton think that adding crypto mining within a security product would be a good thing?,” reads a Dec. 28 thread titled “Absolutely furious.”
“Norton should be DETECTING and killing off crypto mining hijacking, not installing their own,” the post reads….
“Norton is pretty much amplifying energy consumption worldwide, costing their customers more in electricity use than the customer makes on the mining, yet allowing Norton to make a ton of profit,” tweeted security researcher Chris Vickery. “It’s disgusting, gross, and brand-suicide.”
Then there’s the matter of getting paid…. “Transfers of cryptocurrencies may result in transaction fees (also known as “gas” fees) paid to the users of the cryptocurrency blockchain network who process the transaction,” the FAQ explains… Which might explain why so many Norton Crypto users have taken to the community’s online forum to complain they were having trouble withdrawing their earnings. Those gas fees are the same regardless of the amount of crypto being moved, so the system simply blocks withdrawals if the amount requested can’t cover the transfer fees.
Thanks to Slashdot reader JustAnotherOldGuy for tipping us off to the story!