Author

Topic: CoffeeMiner hijacks public Wi-Fi users' browsing sessions to mine cryptocurrency (Read 133 times)

member
Activity: 196
Merit: 10
More and more free wift and various virus software begin to be embedded in the user's telegrams and mining behavior, which is helpful for the popularization of cryptocurrency market. Grin
legendary
Activity: 3010
Merit: 1460
I reckon in the future, Monero and other Cryptonote coins will be the most secure forms of cryptocoins in the cryptospace because of these illegal and fraudulent ways of mining.

The next time you visit your local Starbuck's, make certain that the guy in the corner wearing the hoodie is not sniffing your data and injecting a Coinhive script in the webpages you visit hehe.



According to the developer, public Wi-Fi may also now be a source of income for hackers that successfully pull off man-in-the-middle (MiTM) attacks to launch cryptocurrency miners.

The project, released to the public for academic study, leans upon the recent discovery of a cryptocurrency miner discovered on a Starbucks Wi-Fi network.

CoffeeMiner works in a similar way. The attacking code aims to force all devices connected to a public Wi-Fi network to covertly mine cryptocurrency.

The attack works through the spoofing of Address Resolution Protocol (ARP) messages by way of the dsniff library which intercepts all traffic on the public network.

Mitmproxy is then used to inject JavaScript into pages the Wi-Fi users visit. To keep the process clean, the developer injected only one line of code which calls a cryptocurrency miner.

The miner is then served through an HTTP server. The mining software in question is called CoinHive, which is used to mine Monero and is considered by some antivirus firms as a threat.



Read in full http://www.zdnet.com/article/how-to-hack-public-wi-fi-to-mine-for-cryptocurrency/
Jump to: