How To Hack Wi-Fi For Fun And Imprisonment With Crypto-Mining Inject

Accepted submission by janrinok at 2018-01-06 10:16:36
Security

Story automatically generated by StoryBot Version 0.3.0a (Development).
Storybot ('Arthur T Knackerbracket') has been converted to Python3

Note: This is the complete story and will need further editing. It may also be covered by Copyright and thus should be acknowledged and quoted rather than printed in its entirety.

FeedSource: [TheRegister] collected from rss-bot logs

Time: 2018-01-06 00:47:55 UTC

Original URL: https://www.theregister.co.uk/2018/01/05/wi_fi_crypto_mining/ [theregister.co.uk] using UTF-8 encoding.

Title: How To Hack Wi-Fi For Fun And Imprisonment With Crypto-Mining Inject

--- --- --- --- --- --- --- Entire Story Below --- --- --- --- --- --- ---

Arthur T Knackerbracket has found the following story [theregister.co.uk]:

Thanks to the ridiculous valuation of Bitcoin and other cryptocurrencies, cryptomining code has become a common mechanism for converting authorized and stolen computing cycles into potential cash.

Antivirus and ad-blocker makers have responded by trying to halt [theregister.co.uk] crafty coin-crafting code from hijacking CPU time, particularly in browsers.

For those interested in violating computer laws – please, don't – and those interested in computer security research projects, a developer named Arnau, based in Spain, has published a proof-of-concept walkthrough [arnaucode.com] for hacking public Wi-Fi networks to inject crypto-mining code in connected browsing sessions.

CoffeeMiner is a project that allows the sort of man-in-the-middle attack that has been used by cyber thieves in Starbucks cafes [twitter.com] and doubtless elsewhere.

The CoffeeMiner script is designed to spoof Address Resolution Protocol (ARP) messages on a local area network in order to intercept unencrypted traffic from other devices on the network.

It then conducts a man-in-the-middle attack using software called mitmproxy [mitmproxy.org] to inject the following line of HTML code into non-HTTPS, or otherwise non-encrypted, webpages requested by others on the network:

When loaded, these webpages run the JavaScript and siphon CPU time to generate Monero, a cryptocurrency, using CoinHive's crypto-mining software.

As Arnau explained, the attack – demonstrated on a VirtualBox setup rather than in the wild – can be automated. The published version doesn't work with requests for HTTPS webpages, though the addition of sslstrip [moxie.org] could solve that.

The code, mostly Python, is available on GitHub [github.com]. ®

