WiFi Miner Detector: Detecting malicious WiFi with mining cryptocurrency
WiFi Miner Detector
Overview
A tool for detecting malicious WiFi with mining cryptocurrency.
Some weeks ago I read a news “Starbucks Wi-Fi Hijacked People’s Laptops to Mine Cryptocurrency“. The attackers inject the CoinHive javascript miner to HTTP Response, so I write this tool to detect malicious WiFi with miner scripts. Now it can detect:
- CoinHive
- DeepMiner
- Crypto-Loot
- CoinIMP
It is based on analyzing the unencrypted 802.11 Data Frame to find keywords in HTTP data Because this attack is major occurred in public open WiFi.
Requirements
sudo apt install python-pip pip install scapy pip install scapy_http
And you’ll need a WiFi card that supports monitor mode. You can check by running: iw list. Something like:
Supported interface modes: * IBSS * managed * AP * AP/VLAN * monitor * mesh point
Download
git clone https://github.com/360PegasusTeam/WiFi-Miner-Detector.git
Usage
sudo python wifi_miner_detector.py wlan0
Author: qingxp9 @ 360PegasusTeam
