As cryptocurrency grows increasingly more popular, it should be no surprise that some are looking for less than ethical ways to acquire the virtual coins. A lot of the times this includes outright hijacking in order to make a quick digital buck by using the processing power of other people’s computers. One recent example of this goes by the name of CoffeeMiner and is the brainchild of software developer Arnau Code. As stated on his blog, CoffeeMiner is not meant to be malicious in nature, however, it does demonstrate how hackers could use a similar technique to hijack computers via Wi-Fi and use them to mine cryptocurrency.
The incident took place in Buenos Aires, Argentina but could have easily occurred anywhere else in the world as most coffee shop owners are likely not aware of how inventive hackers have become recently and might be poorly equipped to handle attacks like this. Even more interesting is that the victim of the attack was Stensul CEO Noah Dinkin. Needless to say, Dinkin knows quite a bit about software so he was able to quickly notice the miner and proceeded to notify Starbucks regarding the network vulnerability.
In the case of CoffeeMiner, Arnau Code also based the project off of CoinHive but took a different approach. According to him, CoinHive is best used in situations where the user spends a decent amount of time browsing, which makes it less than ideal for short sessions. As a result, Code came up with a way of injecting the miner into each HTML page requested by the visitor to ensure that it acts fast and continues to work for long periods of time. Just like in the aforementioned incident, the security researcher used the script to mine Monero.
CoffeeMiner has already been tested in coffee shops and seems to work as intended according to the researcher. Not only that but Code claims his miner could be further improved in the future with various features that would make it even more effective. Some of these features could include a way of adding the IPs of CoffeeMiner victims to the miner’s list for later use or even injecting the script into the more traditionally secure HTTPS websites.