In my previous posts Crypto stealer or not and Crypto stealer or not part 2 I was talking about my research and what the trading script is doing, but I haven't actually explained the title. I wasn't sure if the script is actually a crypto stealer or "legitimate software" because it is doing exactly what is stated in EULA.
And that leads me to the topic of this article. Could this "crypto stealer"/trading script be considered as a malware or not?
Lets first quote some general definitions of a malware:
- Malware is any software intentionally designed to cause damage to a computer, server, client, or computer network (Wikipedia)
- software that is specifically designed to disrupt, damage, or gain unauthorized access to a computer system (Oxford dictionary)
- malware refers to software programs designed to damage or do other unwanted actions on a computer system (TechTerms)
If we take the first 2 definitions than we should not consider this trading script as a malware, because there is no disruption, no damage to computer and no unauthorized access. But there is the third definition, the most general one, which talks about unwanted actions. And definitely, sending 10% of your crypto is unwanted action. Or is it? If there is a statement in EULA (no matter in which language) and you have to agree with the EULA each time you run the script/program?
I am not a lawyer and each state might have different legal interpretation, but I would like to know your opinion on this topic. Can we in this case consider it malware and call it a crypto stealer or is it a legitimate software and it is only your stupidity that you didn't read/understand the EULA and run the software?
And more on this malware/not-malware topic. I have also heard something that I call enterprise malware definition. If there is an organization policy where approved software is listed and you install some software that is not on the list of approved software - like whatsapp, winrar, total commander. Would you consider this as a malware? Well, some people yes, because is it unwanted software potentially unwanted actions and it falls within the malware definition.
What is your opinion?