Anonymous researcher under nickname "Arnau" published a concept and the associated investigation of the CoffeeMiner attack, which allows to mine through public Wi-Fi networks.
Created for educational purposes, the Arnau's study was inspired by an incident that occurred in December 2017 in Buenos Aires. Local network of Starbucks coffee houses was mining hiddenly with the help of devices connected to the public Wi-Fi network.
The CoffeeMiner attack is designed to spoof the Address Resolution Protocol (ARP) to intercept unencrypted traffic from devices on the same network.
For injection of HTML-code into unprotected traffic, the console program
In his tests, the researcher used the popular "browser" mining script. Coinhive and extracted the Monero crypto currency.
Specialist notes that such an attack can be easily automated. And although in the current form CoffeeMiner can not work with HTTPS, this problem can be solved, for example, using sslstrip.
Source code is available at GitHub.