Pierluigi Paganini
March 07, 2015
Internet users that have recently installed or updated the popular BitTorrent client μTorrent 3.4.2 Build 28913 had a nasty surprise, the application, in fact, installed a Bitcoin miner as explained in this advisory.
“Users of the μTorrent file-sharing service are complaining that the latest update of software used for torrent downloading is silently installing a piece of unwanted software called Epic Scale, which is basically a Bitcoin mining software.”
The Epic Scale software is cryptocurrency mining software that reportedly uses the computational resources of the host to mine Bitcoin.
μTorrent is the most common BitTorrent client with more than 150 Million active users every month, by bundling Epic Scale mining application the μTorrent company can generate substantial gains.
The problem is that ‘Epic Scale’ software is installed, without the explicit consent of unaware users, with the intent of generating income for BitTorrent company.
“There was no information about this during installation and I did opt out of your other bundled software.” explained the member ‘Groundrunner’ at uTorrent’s complaint forum. At the time I’m writing the administrators suspended the thread.
In the below screenshot is reported the End User License Agreement μTorrent software is displayed to the users. Users can “Accept” or “Decline” the agreement, the origin of the issue is that the Epic Scale is described as a ‘distributed computing platform‘ that perform ‘computation‘. BitTorrent company is asking users to ‘Join us to help support organisation working to cure AIDS‘ by sharing their computational resources.
According the expert, the software “is particularly harder to remove from the system,” Epic Scale can’t be romoved by a classic Windows uninstallation procedure. By bundling the miner with μTorrent will dramatically decrease the performance of the machine and a normal user will face serious problems for its removal.
The colleagues at THEHACKERNEWS that accessed the thread confirmed that a senior manager of customer support at μTorrent explaining that they designed the update to ensure partner software downloads ‘don’t occur without approval by the user’.
“Epic Scale is a great partner for us to continue to generate revenue for the company, while contributing funds to good causes,” μTorrent employee wrote. “Feel free to delete this folder. You certainly won’t see any persistent auto-reinstalls of the software, it will be gone from your machine for good.”
In reality, the Epic Scale installation appears to happen selectively, and not on all machines.
“We have reviewed the issue closely and can confirm there is no silent install happening. We are continuing to look at the issue.” said a BitTorrent spokesperson.
Windows users are suggested to check the presence of the Epic Scale miner by using the Task Manager (Ctrl-Shift-Esc) and looking at the Tab “Processes”.
Alternative cross platform software for Torrent download are Vuze, Deluge and qBittorrent … it’s time to change.
(Security Affairs – Bitcoin mining, μTorrent, Epic Scale )
