Illicit Bitcoin mining discovered at MU's Reynolds Journalism Institute

Wednesday, December 11, 2013 | 7:55 p.m. CST; updated 9:43 a.m. CST, Thursday, December 12, 2013

*UPDATE: This story has been updated to include more information about the charges that Eric Wichmann and Josh O'Steen could face. 

COLUMBIA — Two MU computer science students have been accused of running an unauthorized Bitcoin mining operation on computers in the Reynolds Journalism Institute.

MU Police Capt. Brian Weimer said that Eric Wichmann and Josh O'Steen were arrested by MU police Friday on suspicion of tampering with computer data. Weimer said they were arrested on suspicion of a misdemeanor violation of the state tampering statute, though tampering can also be a class D felony.*  Wichman and O'Steen were released the same day on a summons.

Boone County Assistant Prosecuting Attorney Brouck Jacobs said there was no decision yet whether Wichmann and O'Steen will be formally charged since the MU police report had not yet hit his desk.

Bitcoin is a new digital currency that operates independent of any government or central authority. Instead of relying on third-party financial institutions to verify each electronic transactions, Bitcoin uses a peer-to-peer network of computers to maintain a public record of all exchanges of the digital currency, which is called the block chain.

These networked computers constantly run an open-source application that works out a complex math problem, resulting in an update to the current block of most recent transactions, which is then broadcasted to peer computers. The process is called "mining" because the operators of whichever computer completes the current block are awarded newly minted Bitcoins.

MU Journalism department IT Support Specialist Justin Giles said he and his co-workers started investigating the case when a lab instructor noticed that one of the iMacs in 45 Walter Williams was behaving oddly. They quickly discovered that someone had bypassed an administrative password and installed the unauthorized mining application on eight separate computers — five more in 45 Walter Williams and two more in the Futures Lab. Giles said the unauthorized activity was a breach of the UM System's Acceptable Use Policy.

The security compromise was only possible through physical access to the computers. A combination of activity logs on the computers and security cameras in the building were used to identify suspects.

Wichmann and O'Steen were arrested Friday in connection with the unauthorized application.

Giles said it was the first known incident of this kind in the 10 years he has been working for MU's Journalism School.

Like what you see here? Become a member.

Show Me the Errors (What's this?)

Report corrections or additions here. Leave comments below here.

You must be logged in to participate in the Show Me the Errors contest.


Corey Parks December 12, 2013 | 8:22 a.m.

"Giles said it was the first known incident of this kind in the 10 years he has been working for MU's Journalism School."

Really Giles? Considering Bit Coin was introduced in 2009 I bet you haven't seen anything like in the early part of 10 years ago.

(Report Comment)
John Schultz December 12, 2013 | 10:39 a.m.

I'm betting someone's run SETI@home or participated in a hash cracking contest on J School computers back in the day as well. Talk to the kids, don't send them to county prosecutor for crying out loud.

(Report Comment)
Mike Martin December 12, 2013 | 1:54 p.m.

Fascinating and timely story! Just sent it to Drudge -- seems tailor made for his page.

Bitcoin has been popping up a lot in the news lately, e.g.

Sounds like it could evolve into a cool RJI project figuring out and reporting on the tech forensics behind the alleged crime, and so forth.

And of course, just as James Bond and Die Hard need some cool new villainy, Bitcoin (mining, tampering, counterfeiting) saves the day.

(Report Comment)
Jon Hendrell December 12, 2013 | 2:12 p.m.

Bitcoin is so 2013....Litecoin is the future!

(Report Comment)
Richard Saunders December 12, 2013 | 2:59 p.m.

While they definitely violated policy and broke rules, installation of rouge software is hardly "data tampering."

Why don't the charge them with trespass, or some other relevant crime?

(Report Comment)
Mike Martin December 12, 2013 | 3:26 p.m.

That "rouge" software should at least merit a complaint from the fashion police. :)

(Report Comment)
James Gordon December 12, 2013 | 5:48 p.m.

Hey everyone, thanks for you interest in my story.

John Schultz' comment made me nostalgic for the old Acer desktop I had in my freshman dorm room that was running SETI@home. But there are two important differences here:
1. I owned that computer and volunteered its processing power
2. I had no expectations of earning a profit, but wanted to contribute to the noble cause of finding extraterrestrial life.

These guys were bypassing some pretty obvious security measures (i.e., changing the admin password), but I could definitely see how they might view it as a victimless crime. I really wanted to get their side of the story, but they did not respond to my requests for comment.

Also, there's a distinct possibility the disciplinary actions will be handled within the school if the Boone County prosecuting attorney will decides not to pursue the charges.

(Report Comment)

Leave a comment

Speak up and join the conversation! Make sure to follow the guidelines outlined below and register with our site. You must be logged in to comment. (Our full comment policy is here.)

  • Don't use obscene, profane or vulgar language.
  • Don't use language that makes personal attacks on fellow commenters or discriminates based on race, religion, gender or ethnicity.
  • Use your real first and last name when registering on the website. It will be published with every comment. (Read why we ask for that here.)
  • Don’t solicit or promote businesses.

We are not able to monitor every comment that comes through. If you see something objectionable, please click the "Report comment" link.

You must be logged in to comment.

Forget your password?

Don't have an account? Register here.