Monero mining or Bitcoin mining: Due to the value of Bitcoin and other cryptocurrencies, mining has become a common target of hackers trying to turn any stolen computer resource into cash.
The makers of anti-virus and anti-adware programs have responded immediately by trying to stop any code that allows CPU mining, especially through browsers.
For those interested in breaking the law, sorry to do a little research on computer security, a Spanish programmer nicknamed Arnau, published a PoC which describes how to use public Wi-Fi networks for mining.
He named his project CoffeeMiner, and it allows a kind Man-in-the-middle used by hackers usually in cafes that have free Wi-Fi.
The CoffeeMiner script is designed to hack its messages Address Resolution Protocol (ARP) on a local network in order to intercept encrypted traffic from other devices on the network.
The attack is conducted by the man-in-the-middle using a software που ονομάζεται mitmproxy για την έγχυση της παρακάτω lineof HTML code on non-HTTPS or otherwise unencrypted web pages browsed by network visitors:
When loaded, these web pages run JavaScript and with the computer's CPU generate Monero, using the software encryptions CoinHive.
As Arnau explained, the attack can be automated. The published version does not work with requests for HTTPS websites, although adding sslstrip could solve the problem.
The code is mostly Python, and it is available at GitHub.