A caffeine peddling Starbucks store in Buenos Aires is not the place you’d expect to find illegitimate cryptocurrency mining to go alongside your venti triple shot skinny mint latte. But when Noah Dinkin, CEO of Stensul, a platform that helps marketers craft emails, visited the branch last week, he discovered that the one of the store’s Wi-Fi provider was hijacking his laptop to mine digital currency.
It turns out the hotspot had been hijacked and injected with malware that syphons off processor power to crunch the calculations needed to generate or ‘mine’ cryptocurrency, Monero in this case.
Starbucks has acknowledged that visitors to its Buenos Aires branches were unwittingly recruited into a crypto-currency mining operation, though mining malware was not meant to be on the menu.
Starbucks said that it had taken “swift action” to address the problem. When Dinkin alerted the coffee-pushing company to the infection, Starbucks got its internet service provider to purge the malware from the network. So it would appear that this is the work of a hacker rather than a way for Starbucks to make some extra cash on the side.
At the time, a Starbucks spokesperson stated that the issue was resolved quickly and wasn’t widespread, but Dinkin disagreed on the latter point. “This was observed by a friend and me in three separate Starbucks stores in Buenos Aires over multiple days following my original tweet, that week,” he wrote on Twitter on Wednesday. “It wasn’t just one store.”
It is not known who was behind the mining operation.
When Motherboard reached out to the Argentine internet provider responsible for Starbucks’ Wi-Fi in Buenos Aires—Fibertel—the company blamed hackers for planting the miner code on their network.
But this is an evolution of a popular scheme. One expert said the incident highlighted the risks of using public wi-fi.