News Public WiFi a Hotbed for Cryptocurrency Mining Malware

As more and more inexperienced traders and investors jump aboard the burgeoning blockchain train, cyber security becomes a real and pressing issue. Unlike more institutionalized financial organizations which have secure platforms, crypto investing is more of a personal thing that can lead to software exploits for the unprotected and uninitiated.

A report in SiliconAngle this week highlighted the dangers of using unsecured, public wireless hotspots. The threat now being that computers connected through open WiFi networks could be hijacked to mine for cryptocurrencies.

Coffee Miner

According to the report, the ‘CoffeeMiner’ exploit uses public wireless networks to inject crypto mining scripts into the browsing sessions of anyone connected to the access point. By employing a ‘man-in-the-middle’ technique to spoof Address Resolution Protocol (ARP) messages, access to the network can be easily obtained. The attacker can then intercept all traffic on the public WiFi network and use software to insert Javascript into the web pages visited by users.

Unsurprisingly, the malware originates from the same source that has plagued the internet since its inception last year – Coinhive. This nasty piece of code was designed to be inserted into websites to allow the owners to make money mining Monero. XMR has been the crypto of choice for such activities due to its anonymity.

Malicious Intentions

It has been long reported that public, open WiFi networks are inherently dangerous. Information sent and received from a computer to the router and beyond is unencrypted and can be easily intercepted. This is not the first time a coffee shop wireless has been used to mine for crypto. According to the BBC, a Starbucks in Buenos Aires was found to be hijacking customers’ computers to mine for cryptocurrency last month.

There are probably countless other coffee shops and cafes with open WiFi under similar attack right now. Hacking to harness computing hardware to mine currencies is going to increase at an alarming rate this year. There is already malware that can mine using mobile phones, which results in the device literally melting down. It is only a matter of time before web servers start to become infected and mining bots spread across the world like ransomware did last year.

Stay safe on the internet and never use open and unsecured public wireless connections. Hopefully the coffee shops will wake up to the smell of their own coffee and secure their internet connections to protect their customers. Until then, just imagine how many unemployed “writers” pounding out their screenplays, while sitting in the coffee shop all day long, are having their laptops used to mine crypto.

Do you use open wireless in your local coffee shop? Are you thinking twice about it now? Add your comments below.

Images courtesy of Pixabay and Bitcoinist archives.