科技创新!
Cryptocurrency miners exploit unsuspecting public WiFi users
As the hubbub around cryptocurrencies continues to grow, so, too do the ways that more nefarious folks can exploit clueless individuals. And one coder has shown how you could be at risk when browsing on a public Wi-Fi server.
SEE ALSO: What happens when governments get into cryptocurrencySoftware developer Arnau flagged the issue recently (via ZDNet), citing a recent case in which someone was exploiting public Wi-Fi at a Buenos Ares Starbucks, and explored what's called a "MITM (Man-In-The-Middle)" attack.
In these attacks, the hacker can "inject a javascript" into the html of a page using a public Wi-Fi connection and, in turn, use the computers of other unsuspecting users on the same network to mine cryptocurrency for the hacker.
Tweet may have been deleted
As ZDNet explains it, for the more technically-inclined among us:
The attack works through the spoofing of Address Resolution Protocol (ARP) messages by way of the dsniff library which intercepts all traffic on the public network.
Mitmproxy is then used to inject JavaScript into pages the Wi-Fi users visit. To keep the process clean, the developer injected only one line of code which calls a cryptocurrency miner.
Arnau was able to successfully recreate the exploit described in the Starbucks case, which was then, appropriately named CoffeeMiner thanks to those dark-roasted origins.
The lone weakness of the mining script is time. CoinHive, a miner mentioned by Arnau, needs the victim to be on a page for at least 40 seconds to make the effort worthwhile.
But your best bet in protecting yourself against such attacks, besides limiting your time on unsecured public networks, are a handful of security tools, such as the ones Motherboardpointed out in December of 2017.
Symantec had to “fine-tune” some of its security tools in September to block malicious cryptocurrency miners, [Candid Wueest, principal threat researcher for Symantec] said. There are free ways to protect yourself too: You can add mining scripts to Adblock Plus’s block list, and there’s even an open source script blocker on GitHub called No Coin.
So update your tools and stay sharp out there -- which you really should be doinganyway because of, well, everything-- because as cryptocurrency values skyrocket, so will the number of folks looking to get rich off of the oblivious.
Featured Video For You
People are spending millions on virtual CryptoKitties
友链
外链
互链
Copyright © 2023 Powered by
Cryptocurrency miners exploit unsuspecting public WiFi users-声闻过情网
sitemap
文章
1184
浏览
1
获赞
87357
热门推荐
HBO Max vs. HBO Go and HBO Now: What makes each service different
There are now three streaming services with HBO's name on them. Wednesday marked the official launchTinder is finally testing in
Like its fellow Match Group property Hinge and a slew of other dating apps, Tinder is testing out inA practical guide to having safe sex during the coronavirus pandemic
I have a confession: I've had sex since social distancing began. With someone I met on Tinder, someoThe surprising reason Lily Allen's 'Smile' went viral on TikTok
TikTok users all over the globe are dancing like mad to Lily Allen's "Smile," 14 years after its relEvery 2020 candidate's 404 error page, ranked
UPDATE: May 16, 2019, 3:36 p.m. EDT Since this story was published, three more candidates -- Bill deNextdoor scraps Forward To Police feature, doing the bare minimum
Amid renewed criticisms that the app facilitates racial profiling and other harmful policing issues,Microsoft delays Surface Earbuds until 'Spring 2020'
If Microsoft's dinner-plate-shaped wireless earbuds were on your holiday wishlist this year, you migHeybaby is a new dating app for parents and people who want to be parents
As you scroll through dating apps you start to spot trends, like fishing photos or mentions of The OComedian gives her family brilliant informational pamphlets before going on a date
Anticipating her family's inevitable questions, Mary Beth Barone prepared an informational pamphletDisney World's reopening trailer gets an appropriately snarky response
If you're going to re-open one of the world's most popular theme parks during a pandemic, and in a UElon Musk tells employees smoking weed with Joe Rogan was 'not wise'
Remember that time Elon Musk smoked weed on The Joe Rogan Experience? And then NASA had to conduct aCoronavirus infects bear cam rangers in remote Alaska national park
The coronavirus has reached an isolated part of an already remote national park in Alaska.On SundayChunky baby seal born in Japan. Look at him, love him.
There is never a bad time to look at a cute baby animal, so please enjoy this adorable seal.The littIf you own an iPhone 5, you'd better update your iOS right now
Apple wants you to know that if you're still using an iPhone 5, you really, really need to hurry upFlorida residents protesting mandatory masks is like a 'Parks and Rec' fever dream
A handful of folks in Palm Beach County, Florida have some... ideas... about not wearing masks. And