Hackers Hijack Public Wi-Fi Networks to Mine Cryptocurrencies [Security]

There have been rumors that hackers can use public Wi-Fi networks to mine cryptocurrencies, and now those rumors have been confirmed. It seems surprisingly easy, and most users don’t even know that they are generating cryptocurrencies as they browse away.

So far it has all been vague, but this article will explain how hackers are doing it in simple details.

How It Works

Hacking public Wi-Fi networks to mine cryptocurrencies is quite a process, but it takes a matter of seconds.

It begins with spoofing Address Resolution Protocol (ARP) messages. This requires using the dsniff library to intercept all traffic on the public Wi-Fi network. The next thing is using Mitmproxy to inject JavaScript into pages that users on the network are visiting. All it takes is one line of code to get it to work – and also not to get noticed by tech-savvy users.

Once the code is in place, the cryptocurrency miner can then be delivered through an HTTP server. All these elements come together, compile, and form a single script. This script can then be deployed to the public Wi-Fi network. However, before mining begins, the hackers have to reroute the users to another server where mining will take place. Most users do not even notice it.

The Culprit

It is not clear how many programs are currently being deployed to mine cryptocurrencies on public Wi-Fi networks. However, the known culprit, for now, is dubbed CoinHive – a fitting name considering how many coins you can mine. This program currently only mines Monero, the 16^th largest cryptocurrency worth over $15 billion and growing.

The brain behind this discovery is a software developer called Arnau. To prove that this is possible, he created his own program and named it CoffeeMiner. He then went to a coffee shop with public Wi-Fi and tested his theory. Unsurprisingly, it worked all too well without anyone noticing. Conclusion: it seems that any hacker or software developer worth his/her salt can mine cryptocurrencies as long as they have a program of their own.

It gets even better, according to Arnau. You can supposedly make a better version of such a program by tweaking it. All it takes is adding an autonomous Nmap scan to get even more devices hooked on your program, hence enabling you to mine more cryptocurrencies.

Additionally, you can also target websites on the HTTPS server by simply adding an sslstrip. Theoretically, these programs can further be improved considerably.

There Are Limitations

It takes some time for the programs to do their thing and generate any significant cryptocurrencies. According to the test carried out by Arnau, the program needs at least 40 seconds to generate cryptocurrencies. However, further improvements as suggested may accelerate the process – it is already fast by many standards considering how long it takes to mine cryptocurrencies manually.

Additionally, developers and anti-viruses may start cracking down on these programs as they have already been classified as threats. However, this may take some time, and the best way to stop them is by being alert when browsing on public Wi-Fi networks.