InfoSecurity Magazine has an article that outlines how the CoffeeMiner script allows malicious users to create a Man-in-the-Middle (MITM) attack to cause affected machines to run code that mines for the cryptocurrency Monero without the user’s knowledge. The author makes the suggestion that the best solution is to just never connect to an open wifi. While I do agree that using open wifi isn’t smart, there are times in our lives when it is the best or only option. In these cases it’s still possible to operate securely, but in order to do so, the minimum protection mechanism needed would be a Virtual Private Network (VPN). Taking the approach that the only secure system is the one not used fails to incorporate smart information security decisions into business operations.
There are multiple VPN apps on the app stores that will work just fine, both paid and free, but I recommend going for an inexpensive paid one like Express VPN because you will get outstanding service, multiple options, selectable servers and strong throughput (Disclaimer, link only works from mobile devices. I have had a paid subscription to this app for a couple years and if you go to this link and choose to also subscribe we both receive 30 free days of service).
If you’re not interest in purchasing a solid VPN, but have an Android phone, there is also a built-in Google VPN option under Network & Internet Settings called Wi-Fi Assistant. I’ve used it a couple times, but I much prefer Express VPN over the built-in version due to my ability to select the VPN Server geographical location.
Either way, just don’t connect to open wifi without employing some form of protection. I agree with the author who concludes the article by asking, “We don’t even touch public doorknobs without a paper towel or a squirt of Purell…Why on Earth would anyone freely connect to a public Wi-Fi network?”