Image copyright
Getty Images

Image caption

It is not known who was behind the mining operation

Starbucks has acknowledged that visitors to one of its branches were unwittingly recruited into a crypto-currency mining operation.

The wi-fi service provided by one of the coffee chain’s Buenos Aires outlets surreptitiously hijacked computers to use their processing power to create digital cash.

Starbucks said that it had taken “swift action” to address the problem.

But one expert said it highlighted the risks of using public wi-fi.

It is not clear how long the malware involved was active or how many customers were affected.

The issue was identified only when the chief executive of a New York-based company logged into the service and noticed the problem.

Noah Dinkin was alerted to the issue by a delay he experienced before being able to start using the net, and posted his discovery to Twitter.

Although he initially believed the code had been designed to force his laptop to try to create bitcoins, other noted that it had in fact been designed to mine another digital currency, Monero.

Mining involves solving complicated mathematical equations to verify crypto-currency transactions.

Those involved are attracted by the promise of being rewarded with newly minted “coins” if their computer is first to solve a challenge.

But because lots of processing power is required to have a good chance of success, some people have tried to infect other people’s computers with mining code to boost their chances.

Victims’ computers are normally targeted via infected websites, but it is relatively unusual for a wi-fi hotspot to be involved.

“As soon as we were alerted of the situation in this specific store last week, we took swift action to ensure our third-party support provider resolved the issue and made the changes needed in order to ensure our customers could use wi-fi in our store safely,” a spokeswoman for Starbucks told the BBC.

The company had earlier told the Motherboard news website that it did not “have any concern that this is widespread” across its other stores.

One cyber- expert said that public wi-fi users should ensure they used up-to-date software and be on the lookout for suspicious activity, to minimise their risks.

“Always be wary when connecting to untrusted networks, public wi-fi hotspots are untrusted to you even if they are provided by a trusted brand,” Don Smith, from Secureworks, told the BBC.

“Indeed, connecting to these networks gives the provider an ability to intercept your .

“However, we should not scaremonger unnecessarily, these can be useful services and the abuse of these services is definitely the exception not the rule.

“Also, as applications and websites increasingly move to encryption by default – this clearly improves overall security.”



Source link

No tags for this post.

LEAVE A REPLY

Please enter your comment!
Please enter your name here