A software package that until late today was offered for download in the Mac App Store has been discovered to mine cryptocurrency by default. But in a strange twist, the company behind the app actually disclosed the fact to users upfront.

The app, called Calendar 2, is pitched as a replacement to the default macOS calendar app, with additional scheduling features, themes and social media integration. That may sound like an appealing pitch, but the developers behind the app added code to mine for the Monero cryptocurrency in the last few days.

The code ran in exchange for letting users access more premium features. Users can opt out of using the cryptominer and access the premium features by paying for them instead, an interesting twist in terms of freemium software offerings. The issue is that users are opted in by default.

However, criticism of inserting miner code by default may have persuaded the developer, Qbix, to pull the application for now. As of late today, it was no longer available in the Mac app store. Qbix founder Gregory Magarshak told Ars Technica that he will remove the miner from future versions of the software.

“On the one hand, using the user’s CPU for cryptomining has become extremely unpopular,” Thomas Reed, director of Mac & Mobile at the antimalware software firm Malwarebytes told Ars Technica. “The fact that this is the default is something I don’t like. I would want to see a legit app informing the user in advance or making it an option that can be turned on but is off by default.”

But Reed noted that the developers were completely upfront about what’s going on, and that ultimately it should be a matter of user choice. “Some people might be perfectly willing to let an app like this mine cryptocurrency so that they can use it for free,” Reed added.

The moral angle aside, it turns out that there were bugs in the code used causing the mining code to consume more resources than originally intended. The app “ate 200% CPU until I found it and killed it. I didn’t expect a miner infection from an App Store vendor. Wow,” one user wrote on Twitter.

According to the website for the app, it has been download by 757,627 users at the time of writing, but it’s not clear from reports whether the later version with the cryptomining code was pushed out as an update to existing users or was only bundled with new downloads. Either way, potentially hundreds of thousands of people could potentially be running the cryptomining code.

Image: Qbit