Skip links

Avira also mines imaginary internet money on customers’ PCs

Germany-based security biz Avira’s antivirus has enabled a new feature: “Avira Crypto“. It’s opt-in, but if you click “yes”, the AV will use your computer to mine Ethereum.

2011: stand of Avira on March 5, 2011 in CEBIT computer expo, Hannover, Germany. CeBIT is the world's largest computer expo.

Avira’s stand at the CEBIT expo in Hanover, Germany, back in 2011

Many Reg readers probably won’t have user fleets running on the legacy AV, however, as highlighted by security researcher Brian Krebs earlier today, the feature was added to Avira’s product set late last year, just days after Norton360 started to hit the headlines for doing the same.

Perhaps we shouldn’t be too surprised, as the same company, NortonLifeLock, owns both brands. NortonLifeLock is what’s left of Symantec after it spun off Veritas and then got bought by Broadcom.

As NortonLifeLock also bought Avast last year, it will be interesting to see if its owner’s new-found fondness for imaginary internet money will soften Avast’s strong anti-cryptocurrency-mining stance. (Just in case that page might mysteriously vanish from Avast’s website, we’ve archived it for your convenience.)

Amusingly, if Avast should start grassing up its sister products, there is precedent for that: at one point Avira flagged up itself as malware.

Before it was purchased by Norton, Avast itself bought AVG (for full disclosure, about a year after your correspondent left the latter company). Both companies had issues around add-on browser toolbars that Firefox-maker Mozilla itself branded as malware.

Moves like these are signs of the continuing consolidation in the antivirus market, since Microsoft bought GeCAD and Giant, started offering its own freeware antivirus for Windows XP, Vista and 7, then bundled it, to the ire of other antivirus vendors.

Both Norton360 and Avira mine Ethereum, a cryptocurrency whose chief difference from Bitcoin is that it allows you to embed code into its blockchain. It was the basis of distributed venture-capital fund “The DAO”, founded at the end of April 2016 under the slogan:

“To blaze a new path in business organization for the betterment of its members, existing simultaneously nowhere and everywhere and operating solely with the steadfast iron will of unstoppable code.” [Emphasis in the original.]

Unsurprisingly, by June, an attacker exploited a vulnerability in the org and it lost a third of its capital: $50m. To fix the hole, Ethereum’s developers had to fork their own software. A cynic could be forgiven for pointing out that embedding code into an immutable blockchain is a bad plan: all software has bugs, but if it’s read-only, you can’t fix them when you find them. “Unstoppable code” is not a good thing.

The real problem is that things like browser toolbars bring in more revenue than freeware antivirus, especially when the OS vendor throws in a serviceable-enough antivirus program for nothing.

So, instead, why not use under-utilised PCs to mine pretend internet ransom-payment tokens? Paid home antivirus mainly sells to people who are not very tech-literate, especially senior citizens. Those same people are also very likely to fall prey to get-rich-quick schemes… and that’s exactly what cryptocurrencies are.

As Dreamwidth co-founder Denise Paolucci observed on Twitter:

All of my professional service providers keep asking me about crypto because they keep hearing about it and they know I’m a tech person and I’m like ‘Look. If this were ever going to be a viable ANYTHING, porn studios would have embraced it 5 minutes after it showed up.’

And then they laugh and I’m like ‘No, I’m dead flat serious, if there’s a new payment, communication, or data storage thing and the porn industry didn’t immediately adopt it widely? It is not ever going to be a thing.’