UPDATED 21:54 EST / JANUARY 09 2018

Hijacking for cryptocurrency mining: coming to a public Wi-Fi hotspot near you

Connecting to public Wi-Fi networks has always come with a certain level of risk, but in a new twist, the next time you connect at your local cafe, your browsing session could be hijacked to mine for cryptocurrencies.

Initially published as a proof of concept but possibly now being used in the wild, the “CoffeeMiner” exploit uses public Wi-Fi networks to inject cryptocurrency mining scripts in the browsing sessions of anyone connected to the Wi-Fi point.

The attack works using a “man-in-the-middle” method in which the attacker sends spoofed Address Resolution Protocol (ARP) messages to the targeted network using the “dSniff” library. Once access has been obtained, the attacker can intercept all traffic on the public network and then use the mitmproxy software to insert JavaScript into the web pages visited by users.
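ARP spoofing of the kind described above leaves a visible trace: an IP address, usually the gateway's, suddenly answers from a different MAC address, and one MAC starts claiming several IPs. The following detection sketch is an added example, not code from the article or from the CoffeeMiner proof of concept; the function name, the record format and the sample addresses are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample: (seconds, sender_ip, sender_mac) taken from observed ARP replies.
SAMPLE_ARP_REPLIES = [
    (0.0, "192.168.1.1", "aa:aa:aa:aa:aa:01"),   # gateway, first seen
    (1.0, "192.168.1.23", "bb:bb:bb:bb:bb:23"),  # a client
    (2.0, "192.168.1.50", "cc:cc:cc:cc:cc:50"),  # another client
    (5.0, "192.168.1.1", "cc:cc:cc:cc:cc:50"),   # gateway IP now claimed by .50's MAC
    (5.1, "192.168.1.23", "cc:cc:cc:cc:cc:50"),  # client IP claimed by the same MAC
    (7.0, "192.168.1.1", "cc:cc:cc:cc:cc:50"),   # repeated spoofed reply
]

def find_arp_spoofing(replies, gateway_ip):
    """Flag IP-to-MAC bindings that change, and MACs that claim several IPs.

    The first MAC seen for an IP is treated as the baseline (trust on first
    use), so a spoofer that is already active when monitoring starts is missed.
    """
    first_mac = {}                   # ip -> MAC seen first
    ips_by_mac = defaultdict(set)    # mac -> every IP it has claimed
    reported = set()                 # (ip, mac) pairs already alerted on
    alerts = []
    for ts, ip, mac in replies:
        mac = mac.lower()
        ips_by_mac[mac].add(ip)
        baseline = first_mac.setdefault(ip, mac)
        if mac != baseline and (ip, mac) not in reported:
            reported.add((ip, mac))
            alerts.append({"time": ts, "ip": ip, "expected_mac": baseline,
                           "claimed_mac": mac, "gateway": ip == gateway_ip})
    suspects = sorted(m for m, ips in ips_by_mac.items() if len(ips) > 1)
    return alerts, suspects

if __name__ == "__main__":
    found, macs = find_arp_spoofing(SAMPLE_ARP_REPLIES, "192.168.1.1")
    for alert in found:
        print(alert)
    print("MACs claiming multiple IPs:", macs)
```

A changed binding is not always hostile: DHCP lease reassignment and hosts with several addresses on one interface produce the same pattern, so a change on the gateway address is the alert that deserves the most weight.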

The JavaScript code, not surprisingly, comes from Coinhive and similar cryptocurrency mining services that have popped up in recent months. The Coinhive code, first detected in September when The Pirate Bay and then Showtime were found to be using it, hijacks the processor of a site visitor’s device to mine for Monero, a cryptocurrency favored by cybercriminals thanks to its high level of anonymity.

Although no one using the CoffeeMiner method has yet been officially detected, the idea of Wi-Fi networks being hijacked to mine for cryptocurrencies isn’t a new one. In December, a network in a Starbucks in Buenos Aires was found to be hijacking “connected computers to use their processing power to create digital cash,” according to the BBC. That same report noted that it’s not clear how the hijacking took place, but the attackers could, in theory at least, have used the same methodology.

Regardless of the how or why, some suggest there are other lessons to take away. “We don’t even touch public doorknobs without a paper towel or a squirt of Purell, why on earth would anyone freely connect to a public wifi network?” Scott Petry, co-founder and chief executive officer of Authentic8 Inc., told SiliconANGLE. “There’s no surprise in this story — it’s how the internet works. The surprise is that people are still exposing themselves to these exploits. Someday soon we’ll look back in shock on how careless we were on the internet.”

Photo: wfryer/Flickr
