As the values of the largest cryptocurrencies have multiplied this year, so too have reports of digital-currency miners stealing resources to amplify the profitability of their operations.
In Venezuela, where electricity is heavily subsidized by the (crumbling) government, the government’s intelligence agents are ferreting out and jailing people caught mining bitcoin or other digital currencies.
Yesterday, we reported that the world’s largest oil-pipeline company discovered unauthorized digital-currency mining taking place on the company’s hardware.
And today, Cryptocoinsnews pointed out that a Starbucks in Buenos Aires had its wi-fi hacked to force a 10 second delay when connecting so it could mine Monero - currently the world’s 11th largest cryptocurrency - with people’s laptops.
The presence of the CoinHive code was discovered by the chief executive of a New York-based tech company, Noah Dinkin, who noticed something was off when he was connecting to the service. He then used Twitter to share what he found:
Hi @Starbucks @StarbucksAr did you know that your in-store wifi provider in Buenos Aires forces a 10 second delay when you first connect to the wifi so it can mine bitcoin using a customer's laptop? Feels a little off-brand.. cc @GMFlickinger pic.twitter.com/VkVVdSfUtT
— Noah Dinkin (@imnoah) December 2, 2017
Initially, Dinkin believed his laptop was being forced to mine bitcoin, users noted Coinhive only works with Monero, a cryptocurrency optimized for CPU mining that recently hit a new all-time high above $300, and has surged over 1,500% this year so far, according to data from CoinMarketCap.
A few days after Dinkin shared his findings on Twitter, Starbucks responded. The company acknowledged the issue and announced that it’s been resolved.
As soon as we were alerted of the situation in this specific store last week, we took swift action to ensure our internet provider resolved the issue and made the changes needed in order to ensure our customers could use Wi-Fi in our store safely.
— Starbucks Coffee (@Starbucks) December 11, 2017
A spokesperson later on clarified that this wasn’t an isolated incident, and that the problem stemmed from the internet service provider, not Starbucks. Speaking to Motherboard, the spokesperson added that Starbucks hoped to ensure its customers are “able to search the internet over Wi-Fi securely,” and that it’s working with its service provider to remedy the issue.
Earlier this year, CCN reported the Pirate Bay’s efforts to use visitor CPU to mine Monero in order to monetize its traffic and replace the ads on its pages. The torrent index website used Coinhive, a JavaScript code that allows website admins to mine the anonymity-centric cryptocurrency with visitor’s CPUs.
Ever since the Pirate Bay tested Coinhive on its website, various actors started using the code to access other CPUs. The code was even placed on Google Chrome extensions, and on a subscription streaming service called Fight Pass, which exists to stream UFC matches.