Starbucks WiFi mines Bitcoin while connected

Noah Dinkin found out that Starbucks mines Bitcoin while you’re connected to their free WiFi. In Dinkins tweet he addressed that this kind of free WiFi service is a “little off-brand” and also that the store in Buenos Aires was not the only store doing this and in-fact that there was three separate stores which Dinkins went to that all did the same thing.

Starbucks BitCoin Hive
Noah Dinkin shows that coin-hive.com mines BitCoins. Picture Source: Noha Dinkin

This may seem suspicious but Starbucks claims that this is not their fault and blame should be turned to their internet providing companies, this is what they told Motherboard

“Last week, we were alerted to the issue and we reached out to our internet service provider – the wi-fi is not run by Starbucks, it’s not something we own or control,…”

Starbucks ended up responding to Dinkins tweet saying that they have taken “swift action” into resolving the problem with their ISP and that customers will be able to join the free WiFi network safely.

How to prevent this?

Block external scripts or/and the coin-hive.com domain with your Adblocker such as uBlock (for scripts uMatrix). Ensure you used the filter list which includes crypto-mining pages. Some VPN providers already blocking such mining domains automatically when you’r connected behind the VPN.

Advertisements

6 thoughts on “Starbucks WiFi mines Bitcoin while connected

  1. Can they do it just by connecting to the wifi network? That seems strange, isn’t it? Is it something like captive portal stuff?

    I don’t really understand how they control your machine to visit a mining site.

    Like

    1. Its simply a JavaScript which gets executed by your browser. You see usually more CPU consumption while you’re on such pages, or not goes to 100% because that would be too obvious but it’s more than usually. The problem is that you mostly need JS for everything but the good news is that you can block external scripts with uMatrix or simply block the coin-hive.com domain with unlock or any other extension or other blocking mechanism.

      Like

      1. But how does joining a network force my computer to visit a specific website? Without my consent?

        It can force you to enter a captive portal, so is that about the same process?

        Like

        1. This has nothing to do with captive portal, it’s again just a JavaScript which will be executed in your Browser over an third party script. JavaScript has low level access to certain functions which makes it so dangerous. Your PC does not visit another site, the domain in that script just loads it script and send the data back to the Starbucks owner page. There is nothing visible and you only can block it by disallowing third party scripts with noscript, scriptsafe or umatrix.

          Like

          1. Ok so what if I don’t have ANY browser installed on my computer and I just joined a network.

            Then it won’t be able to run a js code right?

            So it must be basicly a browser hijacking. How does a network admin hijack a browser on other hosts?

            What gives him the power to run a JS code on my browser? If it ever existed it must have been patched long time ago.

            Like

          2. Again Crypto mining in your Browser has something to do with JavaScript which runs in your Browser or other programs.

            It’s not hijacking it’s simply third-party script which mines coins. Any website can run this if they want to and Starbucks was only on example ThepirateBay was one of the first which used this technique to replace ads with crypto mining scripts. It can’t be patched because that would require to block third party scripts and that would break a lot of legitimate things. As said earlier you can just block it with the given methods.

            Like

Comments are closed.

Blog at WordPress.com.

Up ↑

%d bloggers like this: