WiFi Miner Detector: Detecting malicious WiFi with mining cryptocurrency

WiFi Miner Detector

Overview

A tool for detecting malicious WiFi with mining cryptocurrency.

Some weeks ago I read a news “Starbucks Wi-Fi Hijacked People’s Laptops to Mine Cryptocurrency“. The attackers inject the CoinHive javascript miner to HTTP Response, so I write this tool to detect malicious WiFi with miner scripts. Now it can detect:

  • CoinHive
  • DeepMiner
  • Crypto-Loot
  • CoinIMP

It is based on analyzing the unencrypted 802.11 Data Frame to find keywords in HTTP data Because this attack is major occurred in public open WiFi.

Requirements

sudo apt install python-pip
pip install scapy
pip install scapy_http

And you’ll need a WiFi card that supports monitor mode. You can check by running: iw list. Something like:

	Supported interface modes:
		 * IBSS
		 * managed
		 * AP
		 * AP/VLAN
		 * monitor
		 * mesh point

Download

git clone https://github.com/360PegasusTeam/WiFi-Miner-Detector.git

Usage

sudo python wifi_miner_detector.py wlan0

Author: qingxp9 @ 360PegasusTeam

Source: https://github.com/360PegasusTeam/

Share