Headmaster fired over cryptocoin mining on the school’s dime

A headmaster in a Chinese high school in Hunan has been fired for allegedly stealing electricity to mine cryptocurrency, reports the South China Morning Post.

According to local media, teachers got suspicious over “a whirring noise that continued day and night” and a whopping electricity bill: 14,700 yuan (USD $2,113, £1,628) for about a year.

‘Oh, that? It’s just the air conditioners and the heaters!’ the headmaster, Lei Hua, reportedly said.

Lei Hua is said to have picked up his first Ethereum mining rig for about 10,000 yuan (£1107, USD $1,437) and started cryptocoin mining at his home in June 2017.

As anybody who knows anything about mining for crypto will tell you, that surely led to a whopping electricity bill. In fact, the machine was eating up nearly 21 kilowatt-hours of electricity per day.

So to save money on his power bill, Lei allegedly relocated the machine to the school where he worked. By the time the setup was discovered about a year later, he’d allegedly plugged in another seven mining computers in the school’s computer room. His deputy headmaster also allegedly got caught up in the craze, picked up a ninth machine for himself in January, and added it to Lei’s eight rigs.

Lei was fired last month after the power thievery was detected. His deputy received an official warning. The profits went bye-bye: a local authority responsible for “discipline inspection” reportedly seized the money that Lei and his deputy allegedly made.

That computer room, with its nine Ethereum mining computers whirring, must have gotten pretty steamy. Matthew Hickey, a cyber-security expert at Hacker House, told the BBC that it would have been throbbing with all that power and activity:

The noise and heat of nine actively running mining machines would have been very noticeable.

Unfortunately, the cost of electricity really eats into profits, and stealing it is one way people are trying to maximize their revenue, he said:

By avoiding those costs it can drastically improve returns on a mining operation.

Power costs are not the only thing that can eat into that sweet, sweet cryptocoin payoff. Here’s another: plummeting cryptocurrency rates. Ethereum prices dropped over 70% from their peak in February and are currently trading at around USD $214.

If Lei and his deputy are in fact guilty, they won’t be the first to try to dig themselves out of the hole by stealing electricity. According to the SCMP, state news agency Xinhua reported that police arrested six people in northern Tianjin in April over stealing electricity from the local grid to power 600 Bitcoin mining machines.

The BBC also reported in February that scientists were arrested for allegedly mining Bitcoin with supercomputers at a secret nuclear warhead factory – the same one that made the country’s first nuclear bomb.

All of this makes sense, in a criminal, bottom-line way. To make real money with coin mining, you need a lot of electricity to deliver a whole lot of processing power on a whole lot of computers.

You’ve got options: you can rent space in a giant coin mining server farm – for example, in Iceland, where electricity is cheap, the weather is cold enough to stop your computers from melting down, and where mining was on track to zap more energy than households this year.

Then again, you can just steal other people’s electricity, by plugging into their outlets. But as those arrested for doing this will surely attest, that’s got the downside of being conspicuous.

That’s one reason why there’s arisen a newish form of malware called cryptojacking: the theft of electricity, processing power and air conditioning by inflicting malware that sneaks cryptominers into networks, browsers, coffee shops, and more.

You pay the bills, the crooks pocket the proceeds – no telltale computers, gangly cords, overly heated computer rooms or constant whirring involved.

If you’re curious to know more about cryptomining malware, SophosLabs published a technical report back in January that gives a fascinating look at just how much effort cybercriminals are willing to put into getting their cryptomining code accepted into the Android Play Store, and thus to have it rubberstamped by Google.