UPDATE: Illicit Litecoin mining discovered at MU's Reynolds Journalism Institute

Monday, November 10, 2014 | 2:02 p.m. CST; updated 5:46 a.m. CST, Tuesday, November 11, 2014

*UPDATE: This story has been updated to correct information and add facts about the outcome of the arrests. It corrects the spelling of Eric Wichmann's name and includes his correct major at MU. It also lists the currency involved as Litecoins and includes more information about the charges Wichmann and Josh O'Steen could face. 

COLUMBIA — Two MU students have been accused of running an unauthorized *Litecoin mining operation on computers in the Reynolds Journalism Institute.

MU Police Capt. Brian Weimer said that Eric Wichmann and Josh O'Steen were arrested by MU police Dec. 6 on suspicion of tampering with computer data. Weimer said they were arrested on suspicion of a misdemeanor violation of the state tampering statute, though tampering can also be a class D felony.*  *Wichmann, an *Internet technology major, and O'Steen, a computer science major, went to the police station voluntarily and were released the same day on a summons, the two students said.

Boone County Assistant Prosecuting Attorney Brouck Jacobs said there was no decision yet whether Wichmann and O'Steen will be formally charged since the MU police report had not yet hit his desk. 

*They were informed on Dec. 17 that the journalism school would not pursue the charges. The two students instead dealt with the Office of Student Conduct at the university. They were required to write two papers and complete 30 hours of community service. 

Boone County Assistant Prosecuting Attorney Spencer Bartlett declined to comment on the arrest because the statute of limitations hadn't run out.

Litecoin is a digital currency that operates independent of any government or central authority. Instead of relying on third-party financial institutions to verify each electronic transaction, Litecoin uses a peer-to-peer network of computers to maintain a public record of all exchanges of the digital currency, which is called the block chain.

These networked computers constantly run an open-source application that works out a complex math problem, resulting in an update to the current block of most recent transactions, which is then broadcast to peer computers. The process is called "mining" because the operators of whichever computer completes the current block are awarded newly mined Litecoins.

MU journalism school IT support specialist Justin Giles said he and his co-workers started investigating the case when a lab instructor noticed that one of the iMacs in 45 Walter Williams Hall was behaving oddly. They quickly discovered that someone had bypassed an administrative password and installed the unauthorized mining application on eight separate computers — five more in 45 Walter Williams and two more in the Reynolds Journalism Institute Futures Lab. Giles said the unauthorized activity was a breach of the UM System's Acceptable Use Policy.

The security compromise was only possible through physical access to the computers. A combination of activity logs on the computers and security cameras in the building were used to identify suspects.

Giles said it was the first known incident of this kind in the 10 years he has been working for MU's School of Journalism.

Like what you see here? Become a member.

Show Me the Errors (What's this?)

Report corrections or additions here. Leave comments below here.

You must be logged in to participate in the Show Me the Errors contest.


Corey Parks December 12, 2013 | 8:22 a.m.

"Giles said it was the first known incident of this kind in the 10 years he has been working for MU's Journalism School."

Really Giles? Considering Bit Coin was introduced in 2009 I bet you haven't seen anything like in the early part of 10 years ago.

(Report Comment)
John Schultz December 12, 2013 | 10:39 a.m.

I'm betting someone's run SETI@home or participated in a hash cracking contest on J School computers back in the day as well. Talk to the kids, don't send them to county prosecutor for crying out loud.

(Report Comment)
Mike Martin December 12, 2013 | 1:54 p.m.

Fascinating and timely story! Just sent it to Drudge -- seems tailor made for his page.

Bitcoin has been popping up a lot in the news lately, e.g.

Sounds like it could evolve into a cool RJI project figuring out and reporting on the tech forensics behind the alleged crime, and so forth.

And of course, just as James Bond and Die Hard need some cool new villainy, Bitcoin (mining, tampering, counterfeiting) saves the day.

(Report Comment)
Jon Hendrell December 12, 2013 | 2:12 p.m.

Bitcoin is so 2013....Litecoin is the future!

(Report Comment)
Richard Saunders December 12, 2013 | 2:59 p.m.

While they definitely violated policy and broke rules, installation of rouge software is hardly "data tampering."

Why don't the charge them with trespass, or some other relevant crime?

(Report Comment)
Mike Martin December 12, 2013 | 3:26 p.m.

That "rouge" software should at least merit a complaint from the fashion police. :)

(Report Comment)
James Gordon December 12, 2013 | 5:48 p.m.

Hey everyone, thanks for you interest in my story.

John Schultz' comment made me nostalgic for the old Acer desktop I had in my freshman dorm room that was running SETI@home. But there are two important differences here:
1. I owned that computer and volunteered its processing power
2. I had no expectations of earning a profit, but wanted to contribute to the noble cause of finding extraterrestrial life.

These guys were bypassing some pretty obvious security measures (i.e., changing the admin password), but I could definitely see how they might view it as a victimless crime. I really wanted to get their side of the story, but they did not respond to my requests for comment.

Also, there's a distinct possibility the disciplinary actions will be handled within the school if the Boone County prosecuting attorney will decides not to pursue the charges.

(Report Comment)

Leave a comment

Speak up and join the conversation! Make sure to follow the guidelines outlined below and register with our site. You must be logged in to comment. (Our full comment policy is here.)

  • Don't use obscene, profane or vulgar language.
  • Don't use language that makes personal attacks on fellow commenters or discriminates based on race, religion, gender or ethnicity.
  • Use your real first and last name when registering on the website. It will be published with every comment. (Read why we ask for that here.)
  • Don’t solicit or promote businesses.

We are not able to monitor every comment that comes through. If you see something objectionable, please click the "Report comment" link.

You must be logged in to comment.

Forget your password?

Don't have an account? Register here.