[HN Gopher] 500M Avira antivirus users introduced to cryptomining
___________________________________________________________________
500M Avira antivirus users introduced to cryptomining
Author : todsacerdoti
Score : 98 points
Date : 2022-01-08 18:08 UTC (4 hours ago)
(HTM) web link (krebsonsecurity.com)
(TXT) w3m dump (krebsonsecurity.com)
| [deleted]
| NHQ wrote:
| Get ahead of your ransom payments today.
| abdk wrote:
| Praise be to Almighty, that i am not using an antivirus software.
| mindslight wrote:
| A corollary to the Gibson quote is "The past is still here - it's
| just not evenly distributed". I can't help but think of this any
| time I see talk of "antivirus software" in 2022 (among other
| things).
|
| If you're reading this article and thinking that antivirus
| software is a sensible thing to be running and thus wondering how
| they could betray users, you need to seriously revamp your
| computing environment. For most tasks that you need a trustable
| environment for, you want a modern OS that isn't based around
| agglomerating random binaries from arbitrary sources, whether
| that's something Free or just proprietary+curated+isolated (eg
| Apple/Android). And sure you can still keep MS Windows around for
| whatever purposes, but since it's no longer handling your
| sensitive activities you don't have to be hyperactive about the
| Sisyphean task of "securing" it.
| pjmlp wrote:
| Indeed every Linux user does a code review before pressing
| return on _curl xpto | sh_ , or _mypkg install_.
| nix23 wrote:
| No problem every Antivirus software makes that code review
| anyway...just install windows defender on you *nix
| machine...problem solved.
| elcritch wrote:
| For those cases where corporate requires an AV for Linux.
| Run one in wine and show the auditors the daily scan logs.
| Everyone's happy! ;)
| pjmlp wrote:
| In those cases, your computer is managed by IT anyway,
| with remote access.
| mindslight wrote:
| Yes of course you can transplant bad ideas over to Linux or
| anywhere else (another example: flashing your phone with
| rando "ROMs" from xda-developers). If you're doing these type
| of things then what I said applies to you as well, and you
| should obtain another device where you _don 't_ do such
| things for your trustable environment. But even if you are
| doing such things, you still won't be liable to add to your
| problems with "antivirus" software. That's a particular idea
| arising out of the longstanding binary potluck culture of
| DOS/Windows.
| pjmlp wrote:
| Interesting argument,
|
| > It looks like you're running macOS, Linux, or another
| Unix-like OS. To download Rustup and install Rust, run the
| following in your terminal, then follow the on-screen
| instructions. See "Other Installation Methods" if you are
| on Windows.
|
| > curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs
| | sh
| mindslight wrote:
| It is terrible that this garbage has taken over the "open
| source" community - "just pipe this web page into your
| all-powerful command shell. Don't worry it's 'secure'
| because it uses HTTPS.". Even in the best case, it splays
| unreproducible junk all throughout your filesystem. Of
| course that doesn't matter because your Linux machine is
| a temporary "cattle" that you're just renting and
| accessing from your shiny iChromebook amirite?
|
| Not having looked at it in a while, it is highly
| disappointing that Rust specifically has gone down this
| path on their main fucking page. "Old man yells at
| cloud", and all that.
|
| IMO I think the future is distributed reproducible builds
| through Guix/Nix. I've never run Gentoo, but Guix/Nix
| feel like the best manifestation of software freedom that
| I've experienced. Mind expanding in the same way as
| functional programming or Lisp.
|
| And of course none of that addresses the whole issue of
| source auditing and provenance. Immutable logs like git
| get us 90% of a foundation, but obviously there is a lot
| of unexplored territory required to provide actual
| security guarantees.
| ttybird2 wrote:
| Nix eh? https://nixos.org/download.html#nix-quick-install
|
| curl -L https://nixos.org/nix/install | sh
|
| Unlike guix nix does not even have a way to verify
| package signatures because "it would hurt the workflow of
| these using the github webui to push stuff to nixpkgs"
| bendiksolheim wrote:
| This is almost beyond funny. I googled "Avira antivirus
| cryptomining" to see if I could find any other sources, and quite
| a few results [0][1][2] are from Aviras own blog warning about
| crypto mining viruses. One of the solutions mentioned are
| actually to install Avira. Yes, these are written a few years
| ago, but the irony is just incredible.
|
| [0] - https://www.avira.com/en/blog/illicit-mining-software-
| beware... [1] - https://www.avira.com/en/blog/crypto-miners-
| coinhive-malware... [2] - https://www.avira.com/en/blog/yes-your-
| device-can-be-hit-wit...
| badrabbit wrote:
| Defender is adequate anyways.
| [deleted]
| userbinator wrote:
| I wonder when MS is going to join in, given all the other user-
| hostile stuff they've been doing.
| dvh wrote:
| It clearly doesn't mark Avira as virus so it is not adequate.
| twofornone wrote:
| Is antivirus software really still necessary on windows for
| technical users? Do you really need it if you're not downloading
| questionable torrents or visiting shady websites?
| koolba wrote:
| Many corporate boiler plate for consulting gigs requires _some_
| antivirus be installed.
| netizen-936824 wrote:
| Ah yes, attorneys. Always the technical experts in the room.
|
| /s
|
| And yes, I know there are some exceptions but lawyers are
| notorious for being tech illiterate
| nikanj wrote:
| No, but it is mandatory for a wide variety of security
| certifications. Regulatory capture rules
| Breazy wrote:
| KptMarchewa wrote:
| No, it isn't.
| netizen-936824 wrote:
| Its probably not necessary for nontechnical users either, I
| keep hearing about how great windows defender works.
| nix23 wrote:
| Windows Defender is an Antivirus+ ...but whats really
| stupid..some company's require to install that bs on Linux
| machines.
| netizen-936824 wrote:
| My comment is about using one on top of windows defender.
| Like using Norton in windows 10 seems absolutely
| pointless
|
| pouring_water_bottle_on_head_in_pool.jpeg
|
| Sometimes it may be useful on a Linux machine, I've heard
| that hosts are being increasingly targeted
| cabirum wrote:
| Now wait for Intel to install a miner directly into their on-chip
| Intel Management Engine.
| theropost wrote:
| this seems like a regulatory overstep - something a technically
| inclined government would intervene in. Too bad ours is far from
| that.
| dandanua wrote:
| Maybe they are "technically inclined" and already invested in
| the crypto pyramid.
| qeternity wrote:
| So basically now thousands of system administrators across the
| world can embezzle from their employers by arbitraging free
| electricity for crypto at 1% efficiency (less NortonLifeLock
| fees).
| JumpCrisscross wrote:
| > _there are hefty fees involved in moving any ETH mined by
| Norton or Avira Crypto to an account that the user can cash out_
|
| Is NortonLifelock whatever charging a fee? Or does this refer to
| gas?
|
| Looking forward to the follow-on story in a couple years about
| the IRS sending everyone who mined 10C/ a letter.
| frollo wrote:
| > Is NortonLifelock whatever charging a fee? Or does this refer
| to gas?
|
| It seems that NortonLifeLock takes about 15% of whatever gets
| mined. In addition to that, you'd probably have to use and
| external service to sell your ETH (an other article I saw
| mentioned Coinbase as the only place where you can move your
| ETH from Norton) which Will charge its own fees and _then_
| there is the gas fee.
| short12 wrote:
| Antivirus companies are universally scummy anyways. But this
| trend is going to continue for regular software
| tgsovlerkhgsel wrote:
| Is it enabled by default? If yes, criminal charges should be on
| the table.
| iszomer wrote:
| > "Norton should be DETECTING and killing off crypto mining
| hijacking, not installing their own," reads a Dec. 28 thread on
| Norton's forum titled "Absolutely furious."
|
| That is fucking infuriating. Imagine if the "my body, my choice"
| redirected to a "my computer, my choice" idea.
| LaunchAway1 wrote:
| I was going to say that you can choose to not install the
| antivirus but unfortunately this crap and similar come
| installed on so many laptops. If the HW is compatible I suggest
| to format the whole thing and install Linux.
| iszomer wrote:
| I do use Linux. Even so, if you were required to install (or
| compile) a package that is a dependency on something you
| don't explicitly use but do for others, where do you draw the
| line on their acceptable tradeoffs?
| nix23 wrote:
| Throwaway Virtual machine...that's where i ~don't have to
| draw lines.
| iszomer wrote:
| That's not a bad idea. Thanks!
| mensetmanusman wrote:
| If it is opt in, it is a choice.
|
| Would be interesting if you could throttle based on home
| temperature. I would much rather heat with useful computation
| than with electric heaters.
| kieloo wrote:
| The problem is that a lot of users will activate it without
| really knowing what it is. Lots of elderly people use Norton
| and Avira, for example.
| mlyle wrote:
| Computation and resistive heat are pretty much the same in
| efficiency.
|
| Heat pumps, which will pump outside heat inside, are a _lot_
| more efficient.
|
| So, "computation for heat" is only useful to the point that
| it's replacing a space heater or other resistive heat, or is
| focused in a place resulting other heat use by a lot. So, my
| computer could be a cost-effective way to keep my feet cozy.
|
| This also presumes that cryptomining is "useful computation".
| anonymousab wrote:
| > If it is opt in, it is a choice
|
| But you know that it will be enabled by default by the
| packages they give to OEMs, or "accidentally" in every update
| or system restart, and will trick less informed or less
| technical users into enabling it and all sorts of shenanigans
| like that because that's how these av software companies have
| been operating for over a decade, at least in the home
| consumer space.
|
| The only right away to treat these companies is to assume the
| worst about everything they say and do. Unfortunately they
| seem to always find a way to do worse than those assumptions.
| When "they will make a lot of money and/or screw over a lot
| of users" is the outcome of their statement being a lie, then
| you should assume their statement is a lie.
| iszomer wrote:
| A similarly related topic would be log4j debacle and the
| lack of _common awareness_ of it 's features before being
| used as a vector for exploitation.
| rosndo wrote:
| > I would much rather heat with useful computation than with
| electric heaters.
|
| But why? An electric heat pump will be vastly more efficient.
| scrps wrote:
| You really think the average non-technical user who leaves an
| AV preinstalled when they get a new system or are frightened
| into installing an AV is making a choice when a cryptominer is
| bundled with their AV even if it is opt-in to activate it?
|
| The imperitive word that person on the forum post you quoted
| used is "hijacking" not intentionally and knowingly installing
| mining software.
| klyrs wrote:
| > Imagine if the "my body, my choice" redirected to a "my
| computer, my choice" idea.
|
| No need to imagine; that's the central tenet of RMS's ethos and
| he's been shouting it from the rooftops for decades.
| MauranKilom wrote:
| So did I read correctly that Avira, Norton and Avast have
| been/will be bought by the same company (Symantec, but
| rebranded), with the sole intention of getting their existing
| userbases to mine crypto for Symantec?
|
| This is absolutely bonkers. Most users are unlikely to even make
| back their electricity cost (arguments for space heating can be
| made, but not in summer), and paying out the minuscule sums is
| impossible due to transaction fees.
|
| Hoping that somebody will sue this endeavor into oblivion.
| waffle_maniac wrote:
| If the home is powered by nuclear power and heated by gas then
| the extra heat generated from the computer could decrease the
| usage of gas. It would be a small net positive.
| low_tech_love wrote:
| You mean the computer would work as an auxiliary heater? Is
| it reasonable to expect that to work? How much would the
| processor have to heat for that to be feasible, how fast
| would it go to the trash bin after that, and where should one
| even locate the pc for that to work?
| MauranKilom wrote:
| If your PC consumes 500 W, it's gonna heat the room it is
| in exactly as much as a 500 W space heater. That's what I
| alluded to with the "space heater" parenthetical.
|
| There are people who reduce their overall bills by mining
| for both cryptocurrency and heating with the waste heat
| (instead of only one or the other). But it needs specific
| circumstances for that to be worth it, and I'm very sure
| Symantec is not advertising this concept in the first
| place.
| Breazy wrote:
| rhinoceraptor wrote:
| And if you spent that same 500 W on running a heat pump,
| you would get the equivalent of about 1000 to 2000 W of
| resistive heat.
| MauranKilom wrote:
| Agreed with your point, but that requires significantly
| more setup than plugging something into a wall (and
| _significantly_ more effort than installing a software
| update). And heat pumps work worst when you need them the
| most.
|
| None of this justifies making tech-illiterate people mine
| bitcoin for your own gain, of course.
___________________________________________________________________
(page generated 2022-01-08 23:01 UTC)