The Siacoin (SC) Internet Cafe Hack and the Rising Popularity of Cryptojacking

siacoin internet cafe hack
Popular Article
DAOs EcoSapiens
ReFi landscape
DAOs EcoSapiens

Regenerative Finance 101: A Guide to Crypto’s ReFi Movement

Hacks can have a devastating impact on any cryptocurrency project. In June 2018, stories began to spread about a major hack that exploited internet cafe computers in order to mine Siacoin.

While this marked an obvious setback for Siacoin (SC), it is crucial to understand the larger picture surrounding this incident. In this article, we’ll share the details of the hack. We’ll also examine the rising popularity of cryptojacking and how individual users can prevent such hacks from happening in the future.

The Details of the Siacoin (SC) Hack

Hackers throughout China illegally mined around $800,000 of Siacoin (SC) from July 2017 to June 2018. From a technical standpoint, the Siacoin (SC) hack was not an uncommon type of hack. The hackers used an increasingly popular technique known as cryptojacking.

In this type of attack, hackers create malware specifically designed to use the computational power of unsuspecting device users in order to mine cryptocurrency. 

In this particular incident, the malware was installed on over 100,000 computers in internet cafes throughout China. Then, mining rewards were split amongst the hackers involved in carrying out the attack. For the most part, hackers develop cryptojacking software that doesn’t utilize a noticeable amount of computing power in hopes that users will not notice that such illegal activities are going on.

However, in this case, the hackers mined Siacoin (SC) at full capacity. As a result, cafe owners in the Zhejiang Province city of Rui’an began to see major increases in the cost of their electric bills. Additionally, the processing speeds of internet computers also slowed down to around 70 percent of normal capacity. 

The Siacoin (SC) internet cafe hack took place in at least 30 cities throughout China.
The Siacoin (SC) internet cafe hack took place in at least 30 cities throughout China.

Some Suspects Caught, Malware Continues to Spread

When the internet cafes asked computer maintenance companies about these changes, they found nothing wrong. After further investigations, authorities discovered that Jinhua, a computer software company, was actually behind the illegal Sia mining operation. Additionally, some estimate that more than 100 computer maintenance companies could have been collaborators in the Siacoin (SC) hack.

Authorities believe that the computer maintenance companies installed malware during routine computer maintenance checks. The first arrest in this operation took place in October 2017. According to reports published in June 2018, 16 people have been arrested.

The Sia mining malware outbreak isn’t just limited to Rui’an. The malware spread to internet cafes in at least 30 cities throughout China. Even worse, according to reports released in June 2018, the malware has yet to be fully contained.

As of August 12, 2018, there has been no official response from the core project team via news sites or the Siacoin (SC) blog. While this is a bit concerning for the Sia community, there could be a variety of reasons for this. For example, the fact that this is an ongoing investigation might play a factor.

The Rising Popularity of Cryptojacking

Additionally, major projects with higher market caps also continue to face similar issues. For example, Palo Alto Networks estimates that around 5 percent of all Monero (XMR) is illegally mined. Another interesting fact is that studies show hackers have been less willing to cryptojack in recent months.

According to a report published by ZDNet on July 17, 2018, they found 1.5 million detections of illegal mining software in June 2018. This is a major decline from the 5 million detections in March 2018.

According to sources within the internet security industry, cryptojacking has already surpassed ransomware as the most popular, easy-to-implement cyberthreat. This is due to the fact that cryptojacking can automatically unlock user devices after a malware infection. Ransomware, in contrast, requires hackers to manually unlock user devices. Even though products like CryptoPrevent do exist, most reviews aren’t positive. Nonetheless, users are likely to continue to see new security software emerge as cryptojacking tactics become more advanced.

While the ZDNet study doesn’t look at Siacoin (SC) specifically, it does show a larger industry-wide trend. The combination of high energy costs, bear market, and the high probability of getting caught by authorities could dissuade hackers to continue the illegal Sia mining operation.

Public computers at internet cafes and personal devices alike are vulnerable to cryptojacking.
Public computers at internet cafes and personal devices alike are vulnerable to cryptojacking.

What Are Some Ways that Sia Mining and Other PoW Projects Could Become More Secure?

Incidents like the Siacoin (SC) cryptojacking incident could continue to become a big problem in the future. The collaboration of multiple companies to illegally mine cryptocurrency is, of course, a large-scale event that is difficult to execute. While it is worrying for internet cafes in China, it is also a concern for people throughout the world. Luckily, there are a few different ways in which individual users can be better prepare themselves.

For example, users can regularly check Task Manager functionality on devices or the settings on internet browsers (i.e. Chrome’s own Task Manage). Additionally, there are a number of plugins that can automatically block cryptocurrency mining applications. Examples include minerBlock and No Coin. Both of these are now available for Firefox and Chrome. 

Could Siacoin (SC) and Monero (XMR) Cryptojacking Lead to More Legal Crypto Mining Ventures?

Despite increasing worries over malware infections and cryptojacking, it’s possible that more services could arise to promote the development of legal crypto mining technologies. For example, cloud mining could offer a potential solution but will only likely gain in popularity if services can offer higher ROI when compared to hardware rigs.

Meanwhile, there are still a lot of developments that need to happen. For instance, tech companies will have to develop better systems that ensure legal compliance of cryptocurrency mining regulations. Legal institutions will also have to define in more detail what is considered legal and illegal cryptocurrency mining.

Cryptojacking is becoming increasingly popular, especially when compared to other types of attacks like ransomware.
Cryptojacking is becoming increasingly popular, especially when compared to other types of attacks like ransomware.


The Siacoin (SC) internet cafe hack leaves many in the cryptocurrency community asking several questions about the future of mining security. Are these incidents just a bump in the road? Are they part of a growing security risk?

It will be interesting to see how cryptojacking software and anti-cryptojacking security features continue to evolve in response.

[thrive_leads id=’5219′]

Legal Disclaimer

CoinCentral’s owners, writers, and/or guest post authors may or may not have a vested interest in any of the above projects and businesses. None of the content on CoinCentral is investment advice nor is it a replacement for advice from a certified financial planner.