Hacking Wireless Networks & Use CoffeeMiner To Inject Cryptocurrency Miners

  • 329
  •  
  •  
  •  
  • 1
  •  
  •  
  •  
    330
    Shares

A developer named Arnau from Spain has released a new project called CoffeeMiner that is designed to hack wireless networks to inject cryptocurrency mining code inside connected browsing sessions.

CoffeeMiner project use the power of man-in-the-middle attack to inject some javascript code in the html pages reached by the connected users, in this scenario all the machines connected to the same WiFi network will mine cryptocurrency for the attacker.

The project works by spoofing ARP messages on a LAN in order to capture unencrypted traffic from other machines on the same network.

“In computer networking, ARP spoofing, ARP cache poisoning, or ARP poison routing, is a technique by which an attacker sends (spoofed) Address Resolution Protocol (ARP) messages onto a local area network. Generally, the aim is to associate the attacker’s MAC address with the IP address of another host, such as the default gateway, causing any traffic meant for that IP address to be sent to the attacker instead.”

CoffeeMiner will use a tool called mitmproxy to inject the following line of HTML code into non-HTTPS (non-encrypted) web pages requested by other users on the network:

http://httpserverIP:8000/script.js

 

When victims view these web pages, the JavaScript code will use your CPU to generate Monero, a cryptocurrency, using CoinHive’s crypto-mining library.

The CoffeeMiner project is available on GitHub.

The following two tabs change content below.

Unallocated Author

Please note that the article you are reading has an unallocated author as the original author is no longer employed at latesthackingnews.com, this has been put in place to adhere with general data protection regulations (GDPR). If you have any further queries, please contact: [email protected]

Latest posts by Unallocated Author (see all)

Unallocated Author

Please note that the article you are reading has an unallocated author as the original author is no longer employed at latesthackingnews.com, this has been put in place to adhere with general data protection regulations (GDPR). If you have any further queries, please contact: [email protected]

Leave a Reply

Do NOT follow this link or you will be banned from the site!