Principal Lei Hua has been fired from his job at a school in Hunan, China, after a total of nine mining rigs were found stealing his school’s electricity to mine Ethereum, the BBC reported on Friday.
School Foots the Electricity Bill
The scheme was uncovered after staff heard mysterious whirring noises produced by the machines and decided to investigate. All told, the secret rigs cost the school a total of 14,700 yuan, the equivalent of $2,100 USD.
Cybersecurity expert Matthew Hickey was quoted by the BBC as saying the noise and heat generated by the rigs would be “very noticeable,” but Hua reportedly staved off concerns over the noise by claiming it came from the school’s heating and air conditioning units.
The headmaster installed mining rigs in the school’s computer lab between the summers of 2017 and 2018. Each of these mining machines cost Hua over $1,500 USD. He decided to use the school’s power because of the electricity costs associated with mining at home.
Headmaster Hua was fired in October following the incident. The ninth machine belonged to the school’s deputy headmaster, who was let-off with an official reprimand. Local authorities also seized any cryptocurrency mined from the operation.
Hickey says stealing energy to mine crypto isn’t uncommon given the high energy costs:
“Sadly, stealing electricity is one way that people have tried to maximize their revenue – by avoiding those costs it can drastically improve returns on a mining operation.”
In addition to offsetting energy costs, the headmaster and his deputy were also able to harness the school’s computing power to mine Ethereum at scale.
Other Schools Targeted for Illicit Mining
A similar hijacking incident occurred last week at St. Francis Zavier University in Nova Scotia, Canada. The university discovered that the school’s entire network was compromised with mining malware.
A suspected phishing attack installed malicious software on the school’s network and the software tried to hijack the university’s 150 computer servers for illicit mining. In response, an administrator from St. Francis shut down their network for four days. The perpetrators of the attack have yet to be identified.
Original article written by John Bogna at CryptoSlate