Norton 360 Offering Contains Controversial CryptominerCritics Cite Difficulty in Uninstalling Feature and Its Use of Electricity
A new feature on popular antivirus product Norton 360 has left cybersecurity experts baffled, as the software company has made a play in the cryptocurrency space with a tool that will mine Ethereum while users' computers are idle.
See Also: 2020 User Risk Report
Industry observers say it is a puzzling move and that the feature may be difficult to uninstall. The company says the product is designed to make existing cryptomining safer.
The new cloud-based feature, Norton Crypto, initially launched in July 2021 and allows users to maintain a private cryptocurrency wallet and take away 85% of what their devices mine, with Norton earning a 15% commission. The company says the feature is opt-in-only and must be enabled.
Norton 360, owned by NortonLifeLock Inc., of Tempe, Arizona, says via an FAQ section on its website that Norton Crypto mines Ethereum while the client's computer is idle. The company says customer devices must meet certain criteria to run the cryptomining tool - including having a NVIDIA graphics card with at least 6 GB of memory.
"Norton creates a secure digital ethereum wallet for each user," the FAQ states. "The key to the wallet is encrypted and stored securely in the cloud. Only you have access to the wallet. Norton Crypto supports transfers of ethereum from your digital wallet to Coinbase."
Coinbase is a U.S.-based crypto exchange.
In a statement shared with Information Security Media Group, a NortonLifeLock spokesperson says, "Norton Crypto is an opt-in feature only and is not enabled without user permission. If users have turned on Norton Crypto but no longer wish to use the feature, it can be disabled through Norton 360 by temporarily shutting off 'tamper protection' (which allows users to modify the Norton installation) and deleting NCrypt.exe from your computer."
Security Experts Question Purpose
Nevertheless, technology and futurism blog co-editor Cory Doctorow took to Twitter to say, "Norton 'Antivirus' now sneakily installs cryptomining software on your computer, and then skims a commission."
Security researcher Chris Vickery echoed the concerns, saying on the same thread: "Norton is pretty much amplifying energy consumption worldwide, costing their customers more in electricity use than the customer makes on the mining, yet allowing Norton to make a ton of profit. It's disgusting, gross, and brand-suicide."
Responding to the electricity concern, the NortonLifeLock spokesperson tells ISMG, "We are committed to being a strong steward of the environment and have taken steps to help mitigate potential impacts on the environment."
The representative says NortonLifeLock is a signatory of the Crypto Climate Accord and a member of the global environmental organization Ceres, which works with corporations, academia and nonprofits for a more sustainable future. "We are currently conducting a life cycle analysis for Norton Crypto and expect to have the results at a later date," the representative says.
Adding to Doctorow's initial Twitter thread, however, another user tweeted: "My understanding is that mining on a single standard computer raises your energy prices higher than you would net in ethereum. Which, if true, means Norton gets free crypto while you pay for the mining."
On fees associated with crypto transfers and withdrawals, Norton states in its FAQ section: "There are coin mining fees as well as transaction costs to transfer [the] ethereum. The coin mining fee is currently 15% of the crypto allocated to the miner.
"Transfers of cryptocurrencies may result in transaction fees (also known as 'gas' fees) paid to the users of the cryptocurrency blockchain network who process the transaction. In addition, if you choose to exchange crypto for another currency, you may be required to pay fees to an exchange facilitating the transaction."
Its statement continues: "Transaction fees fluctuate due to cryptocurrency market conditions and other factors. These fees are not set by Norton."
In online forums, users have cited difficulty in cashing out - with transactions blocked if the total earnings cannot cover transfer fees.
Citing the aforementioned concerns, software engineer Grady Booch said on Twitter: "Because [Norton has] made the foolish decision to enable cryptomining, I have cancelled my subscription (and am encouraging everyone I know do to do the same)."
And Artem Russakovskii, founder of the site AndroidPolice.com and APKMirror.com, tweeted: "Norton started installing a crypto miner as part of its security product offering. Norton is now basically malware."
Environmental Concerns Persist
The Mozilla Foundation, the developer behind the Firefox browser, initially took to Twitter last week to urge users to consider crypto donations. It then backtracked, saying on the social media platform that its appeal "led to an important discussion about cryptocurrency's environmental impact."
It continued: "Starting today we are reviewing if and how our current policy on crypto donations fits with our climate goals. And as we conduct our review, we will pause the ability to donate cryptocurrency. … In the spirit of open-source, this will be a transparent process and we'll share regular updates."
Iran has ordered a shutdown of cryptomining centers in an effort to ease the strain on the nation's power plants, Al Jazeera reported late last month.
The ban will be enforced through March 6, and will free 209 megawatts of power for household consumption, the outlet wrote. The country also continues to crack down on illegal mining operations.
This week, Kosovo's government introduced a ban on cryptocurrency mining to curb electricity consumption, as the nation faces an ongoing energy crisis, Reuters reported.