Starbucks had to embarrassingly acknowledge that one of their branches’ free wi-fi was using customer computers to mine cryptocurrency. The branch would use the wi-fi provided, to secretively take control of the computers and use their processing power to generate digital money. Starbucks was quoted as saying that they had taken “swift action”. This is yet another story that highlights the dangers that come with using public wi-fi. The issue was spotted by an executive of a New York based tech firm, Noah Dinkle, who was quick to call Starbucks (@Starbucks) and Starbucks Argentina (@StarbucksAr) out on the matter via Twitter.
Hi @Starbucks @StarbucksAr did you know that your in-store wifi provider in Buenos Aires forces a 10 second delay when you first connect to the wifi so it can mine bitcoin using a customer’s laptop? Feels a little off-brand.. cc @GMFlickinger pic.twitter.com/VkVVdSfUtT
— Noah Dinkin (@imnoah) December 2, 2017
Noah was alarmed by the time that it took for him to use the internet after connecting. Noah originally thought the code was to mine Bitcoins, but it was to generate another type of currency named, Monero. Creating these virtual currencies requires computers to solve complex math equations. The more processing power the computer has the more likely you are of gaining bitcoins. So by using wi-fi, you can string multiple computers together to use their processing power and act as one giant “super-computer” to increase the chances of winning. Normally this type of malware would only be used on websites, so it is certainly unusual for a wi-fi hotspot to use this method. Currently, we don’t know how long the malware was running for or how many customers were affected, Starbucks has stated that they are adamant that this isn’t the case for any other branches and they see this as a one-off incident, but there is no way to be sure…
Our advice is to avoid connecting to public wi-fi where possible, but if you need to, ensure that you have the correct antivirus and security measures in place to protect your data and device; one unsecured connection could leave your device completely prone to hacking (webcam access, keystroke recording, etc.) and even worse, your business network; if you bring your own device to work (BYOD) you open up a whole load of other problems, and for that reason, it’s important that you have a BYOD policy.
If you want to make sure that your public wi-fi is secure, contact us for a free security review here.
Don’t be like Uber, Imgur, Equifax, TalkTalk or Morrisons – be a secure, safe and responsible business that knows how to handle customer and business data responsibly and within the boundaries of the law.
Need help with Cyber Security?
Call us on 0345 450 9393 today.