A developer published a proof-of-concept project dubbed CoffeeMiner for hacking public Wi-Fi networks and mine cryptocurrencies.
The spike in the values of Bitcoin is attracting the interest of crooks that are adopting any method to steal crypto wallets or computational resources from the victims.
A developer named Arnau has published a proof-of-concept project dubbed CoffeeMiner for hacking public Wi-Fi networks to inject crypto-mining code into connected browsing sessions, an ingenious method to rapidly monetize illegal efforts.
The experts explained that his project was inspired by the Starbucks case where hackers hijacked laptops connected to the WiFi network to use the devices computing power to mine cryptocurrency.
The CoffeeMiner works by spoofing Address Resolution Protocol (ARP) messages on a local area network in order to intercept unencrypted traffic from other devices on the network.
The MiTM attack is conducted by using software called mitmproxy that allows to inject the following line of HTML code into unencrypted traffic related to the content requested by other users on the networks:
Arnau set up VirtualBox machine to demonstrate the attack, and also published a couple of PoC video for the attack in a virtualized environment and in a real world WiFi network:
The CoffeeMiner version published by the researcher doesn’t work with HTTPS, but the limitation could be bypassed by addition sslstrip.
“Another further feature, could be adding sslstrip, to make sure the injection also in the websites that the user can request over HTTPS.” concluded the researcher.
Arnau published the code of the CoffeeMiner project on GitHub.
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.