Classic gift card balance "exploit"
From the GSD entry GSD-2022-1000002 (https://github.com/cloudsecurityalliance/gsd-database/blob/main/2022/1000xxx/GSD-2022-1000002.json)
Norton AntiVirus now includes an Ethereum crypto miner that has several problems including deceptive rewards program and difficulty in uninstalling it.
Norton keeps 15% of all Ethereum mining proceeds and "pays" the remainder into a users "Norton Crypto Wallet" which is hosted by Norton. It should be noted that the Norton Crypto Wallet cannot be used to make Ethereum transactions, but can only be used to transfer value to a Coinbase account once a certain minimum threshold of value is accrued. The Norton crypto mining and Norton Crypto Wallet are effectively a gift card system where the money can be withdrawn, but not unless a certain balance is available. It should also be noted that the Norton Crypto mining software is reportedly very difficult to uninstall, requiring administrative level privileges, and even then reports indicate effective removal is difficult.