Hackers in Argentina found a way to exploit computers over public WiFi and use them to mine bitcoin. How do we stay secure as public internet access becomes more common?
How much do you think about personal safety when you go out?
In our modern society, police are there to protect you from harm, robbery, and harassment. For most people, this is enough to quell their fear of exposing themselves to the public. However, now that we’re in 2018, being hacked is not as obvious.
For instance, somebody made the public WiFi at an Argentina Starbucks take advantage of visitor computer processing power to mine Bitcoin. All an unsuspecting user had to do was log onto the Buenos Aires Starbucks’ WiFi, and their computer spent a few seconds helping the perpetrator mine Bitcoin.
How to Farm Minions and Mine Bitcoin
Ever hear of card skimmers? Card skimmers are like physical hacks for card capture devices like you find on ATMs. When you scan your card and get your money from an ATM, the card skimmer passes your information on to a hacker.
I bring those up because the Argentinian Starbucks hack was kind of similar. Instead of stealing users info, however, the hackers basically made their computers mine bitcoin for them.
The hack happened when users logged onto the public WiFi connection at the store.
Noah Dinkin, CEO of a company called Stensul, is the man who found the hack. When Dinkin noticed a 10 second delay in his connection, he did a bit of digging and found the problem.
Hi @Starbucks @StarbucksAr did you know that your in-store wifi provider in Buenos Aires forces a 10 second delay when you first connect to the wifi so it can mine bitcoin using a customer's laptop? Feels a little off-brand.. cc @GMFlickinger pic.twitter.com/VkVVdSfUtT
— Noah Dinkin (@imnoah) December 2, 2017
Mining bitcoin can take an impressive amount of resources, so consider this hack like outsourcing your processor against your will. It’s literal cyber-slavery, only you don’t know it’s going on.
Almost two weeks later, Starbucks responded:
As soon as we were alerted of the situation in this specific store last week, we took swift action to ensure our internet provider resolved the issue and made the changes needed in order to ensure our customers could use Wi-Fi in our store safely.
— Starbucks Coffee (@Starbucks) December 11, 2017
It seems that, in this case, the providers took care of the problem.
Still, I feel like we should all keep an eye toward personal responsibility. That way, we can all be a bit more like Dinkin.
This particular mining-against-your-will problem is a bit more widespread than this story, after all. For this, and future hacks, I think it is in everyone’s best interest to learn some basic security measures.
Who Will be our WiFi Protector?
I have been saying this for a while now, we need to be informed of good cybersecurity habits as the Internet of Things becomes more advanced. We need to be our own best WiFi protector.
Nobody wants to be a cog in the wheel of a Bitcoin mine. You don’t get anything for that but a slow connection.Steer clear of #bitcoin mining operations. #keepaneyeoutClick To Tweet
Plus, it’s naive to think that the same people who provide services to you are inherently better at cyber-security than you.
Yes, your bank probably pays more to stop the WiFi hacker who wants to get into your account. But, on that same token, your local supermarket probably does not. So when you see a kid in a basket playing a game on their tablet, they could be contributing to some shady business.
I think that good cyber-security comes from both angles. If you are diligent, and don’t succumb to cyber-security fatigue, then the companies that are providing services would be happy to help you stay secure.
But how do we strike that balance?