The Hacker News


If you have recently installed or updated the popular BitTorrent client μTorrent 3.4.2 Build 28913 on your computer, then you read this warning post right now.

Users of the μTorrent file-sharing service are complaining that the latest update of software used for torrent downloading is silently installing a piece of unwanted software called EpicScale, which is basically a Bitcoin mining software.

Note: Story update has been added below.

USER COMPLAINTS ON SILENT INSTALLATION
The Epic Scale, installed without the consent of users, is a cryptocurrency mining software that reportedly uses the combined computing power of users to generate Bitcoin income for BitTorrent company. The unwanted software slows down the host computers and is particularly harder to remove from the system.
Cybersecurity

The Bitcoin mining software was recently highlighted at uTorrent's complaint forum where a member 'Groundrunner' says: "There was no information about this during installation and I did opt out of your other bundled software."

A senior manager for customer support at uTorrent did reply to the thread, explaining that the designed the update to ensure partner software downloads 'don't occur without approval by the user'.
"Epic Scale is a great partner for us to continue to generate revenue for the company, while contributing funds to good causes," uTorrent employee wrote. "Feel free to delete this folder. You certainly won't see any persistent auto-reinstalls of the software, it will be gone from your machine for good."
DETECT AND UNINSTALL BITCOIN MINER
The troubling part of Epic Scale is that it can't be uninstalled by simply following the regular uninstallation procedure on Window machines, whereas uTorrent employee described Epic Scale as "easy to uninstall".

Okay! Let's agree that Epic Scale is used by uTorrent to generate revenue, but bundling the application with uTorrent is highly problematic to the normal user as it will consume system resources all the time while running. A users complaint that the software is "easily noticeable by the increased CPU load when the computer is idle."

The silent install appears to happen selectively, and not on all machines. BitTorrent spokesperson said, "We have reviewed the issue closely and can confirm there is no silent install happening. We are continuing to look at the issue."

Users that don't notice the program may find significantly decreased performance as a result. Windows users are recommended to check the Task Manager (Ctrl-Shift-Esc) to make sure EpicScale is not running on their system. Follow these instructions to remove Epic Scale from your Windows system.

So far, uTorrent is the most visited BitTorrent client worldwide with more than 150 Million active users every month. So one can imagine, if 10% of them have upgraded their software to the latest malicious version, then how much revenue company could have generated by burning their CPUs within one day.

If you think that it's time to move on to other Torrent downloads, meanwhile, you can try Deluge, Vuze, Bitcomment, qBittorrent which are lightweight, free, cross-platform torrent clients available for Linux, Mac OS X and Windows.

UPDATE (3:00 pm EST, 6th March 2015)
Whether its a software, or an online service, you have to agree to a so-called End User License Agreement. They are so common, in software and on the Internet, that many users ignore them and blindly click "Agree" without understanding what they're agreeing to.

An average user spent only 6 seconds on every page while installing a Software, Next... Next... Install... and Finish.

BUT IT SAYS, 'EPIC SCALE' IS A COMPUTATION PLATFORM
In the below screenshot you can read, μTorrent software is giving an option to "Accept" or "Decline" the offer, but they have described "Epic Scale" as a 'distributed computing platform' that perform 'computation' only and asking users to 'Join us to help support organisation working to cure AIDS' by donating our system resources.
 Bitcoin Mining Software
It is clear that an average user will never understand that they are allowing it to install a 'Bitcoin Mining Software', which is used to generate revenue by consuming their system resources massively.

So either the users are collectively mistaken or there is a lack of transparency in the software installation, leading to confusion amongst users.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.