At least one Starbucks location was discovered to be using the computing power of customer’s machines connected to its Wi-Fi network to mine for the cryptocurrency Monero without their knowledge.

The hidden miner was found in a Starbucks coffee shop located in Buenos Aires, Argentina. The wireless network provided by the company was injecting the mining code onto customer computers in order to generate digital currency.

Noah Dinkin, the CEO of email marketing firm Stensul, first brought the mining behavior to public attention on Twitter on Dec. 2 after visiting the Starbucks shop and examining the source code produced while connected to the Wi-Fi network.

Dinkin tweeted at Starbucks after identifying the mining code. “Did you know that your in-store wifi provider in Buenos Aires forces a 10 second delay when you first connect to the wifi so it can mine bitcoin using a customer's laptop?” Dinkin wrote. “Feels a little off-brand.”

While Dinkin said the injected code, placed by the company providing the Starbucks location with its public internet connection, was mining for Bitcoin. However the code was provided by CoinHive, a cryptocurrency miner that only mines for Monero.

Regardless of what the code was mining for, it was doing so without the permission of the customer. When a person would connect to the Starbucks network, the code would be injected into the user’s browser and would siphon resources from the computer’s processor to mine for the digital tokens.

Starbucks acknowledged Dinkin’s tweet on Dec.11 and confirmed the incident had indeed happened. According to the company, the issue has been addressed and the Wi-Fi network in Buenos Aires will no longer hijack customer computers to generate the virtual currency.

“As soon as we were alerted of the situation in this specific store last week, we took swift action to ensure our internet provider resolved the issue and made the changes needed in order to ensure our customers could use Wi-Fi in our store safely,” the official Starbucks account wrote in response to the incident.

The issue is not believed to be widespread across Starbucks locations and appears to be an isolated incident. The miner also does not appear to have been injected by the order of Starbucks itself.

While the incident with Starbucks may be a one-off for the time being, hidden cryptocurrency miners are becoming more and more common. A number of sites and services have been discovered to have mining code embedded that makes use of visitor resources without informing them.

The process is known as cryptojacking and while it is relatively harmless for the victims—at its worst, it makes the user’s machine run slower as it eats at resources—it is still a dishonest practice that takes advantage of users who have no knowledge of how their machine is being used.

RELATED STORIES
Security Security Bitcoin