Household search by the Japanese police at Coinhive - Doocts

Household search by the Japanese police at Coinhive

Published:2018.06.12

I'm ashamed to say,I had been in trouble with the police for the first time in my life.

As a crime, it is "Acquisition/Preservation of Electromagnetic Records of Unauthorized Command", aka computer virus crime law,
I'm shocked. It was a bombshell. I wasn't thought it coming.

In this article, I hope to share what happened to me as much as possible.

Purpose of this article

First of all, the purpose of publishing this article is because "I do not want other creators to experience the same experience"

I don't mean to brag, but I've been trying hard to make as much effort as possible, like many of the respected creators, being a "good creator".

Regarding this case as well, it was not because of my personal profit but it was the result of seeking what can be done for the viewer to the best.
I'm regrettable that it will be dealt with in this way, but I just hope to leave some knowledge from this matter.

What is Coinhive?

Coinhive is a tool for mining the cryptcurrency Monero by embedding several lines of JavaScrypt in HTML, thereby moving the CPU of the viewer.
It was attracting attention as a different monetization method from the current advertisement, the following article was a topic at that time.

As you can see there are both pros and cons.
But there is always a doubt about the way the current media filled with advertisement as one media operator, one designer, I felt possibilities as a new option.

What I did before the police called me

Below, I will write what happened in chronological order,
The title is objective fact, the text is details and my impression.

I read an article on the web and introduced Coinhive

In late September 2017, I read an article by GIGAZINE about Coinhive above.
And I tested Coinhive with my web service (Monthly 30000PV, 3000 yen deficit)

The aim was to remove the advertisement to improve the UX.
I repeated the test and adjusted the coinhive settings.

  • Browse comfortably without disturbing usual browsing UX.
  • The CPU does not move unnaturally.

As a result, the above was achieved.

Indeed, There are no complaints or inquiries once except an engineer below.
We kept access number and staying time as same as before introduction.

From the article mentioned above, I knew that I could not expect much earnings, before using Coinhive.
So, it was the main objective to follow the trend of technology rather than it.
The profit after about 10 days has been about 300 yen, XMR/JPY rate at that time.

Published an article about Coinhive introduction

On the day I introduced Coinhive, I wrote an article about Coinhive introducing.
The article is currently being deleted, but this kind of thing was written.

  • There is a cool tool called Coinhive, which may be able to clear the advertisement!
  • Because there are both pros and cons, you should use it moderately.
  • Anyway, I don't know detail of Coinhive until actually trying it, so I will try it for about a month.

A month later, an engineer contacted me

In late October, I got a reply from an engineer to my Twitter account and had the following conversation.

Engineer : Is Coinhive of your website introduced by yourself? Is not it hacked?
If you put it in yourself, it may seem suspicious to the viewer. You'd better inform the viewer about it.

I : That Coinhive is put in myself.
I don't think it is doubtful, but I understand that there is a negative impression, so I will ask permission for mining.

Engineer : Coinhive use with consent is welcome! Thanks!

I : Thank you very much! As a new profit model, I'll do my best to make Coinhive acceptable to everyone!
After that, I attempted to display the notice, but since I had no time to work, I deleted Coinhive after 10 days.

Summary of what I did

  • Introduction of Coinhive(for a little over a month)
  • Wrote an article about Coinhive

In addition, the profit earned finally from Coinhive is less than 1,000 yen. (Minimum withdrawal is 5000 yen, so, I didn't withdraw this.)

What happened before the criminal case

Coinhive introduction is late September, deletion is early November.
The police contacted me about three months later, in early February.

Call from the police

In early February, the police called a phone to me around 10 o'clock.

Police : I would like you to cooperate in investigating an incident.

I : What kind of incident?

Police : It can not be revealed.

I : Well ... I have to work, but for about an hour ....

Police : It's not enough for an hour. Since I'm already in front of your house, will you come out?

I : I'm in Shibuya for work now ....

Police : Well then, I will head to Shibuya from now. I will arrive around 11 o'clock.

I : What!?

I did not think that the telephone from the police comes from '070' number (Japanese mobile phone numbers start with 090, 080, 070, and the police don't use this much),
so I called the police station to see if it was a fraud, but it was really a phone call from the police.

At this point, I thought "My friend was caught up in the incident..."

FYI, If I refused cooperation, I was arrested for being regarded as "fear of escape".

Household search

Then, without any explanation, I was taken to my house with a police wagon car, showed a warrant, and started household search.

Even if I was informed of the charges, I didn't know anything about it, I was watching the my computer operated by the police without knowing anything.

I answered the information about my website.
And after several hours of interaction I realized that Coinhive was the cause.

After that, They checked server information and some account information,

Finally, around 21 o'clock, I became free in the form of "TBA".
I have been investigated for 10 hours that day.

I had a wedding the following week, and I apologized while crying to my wife.

One desktop PC, one laptop, one smartphone was confiscated.

The interrogation at the police station

In early March, I went to Kanagawa pref. from early morning, and interrogated at the police station.

Police : You read scripts in "head" to make Coinhive work on all pages, right?

I : No, scripts reading in the "head" is about timing of scripts reading, so, there is no causal relationship with running Coinhive on all pages.

Police : Huh? You are reading Coinhive scripts on all pages!!

I : It's certain that I read it on all pages, but there are no causal relationship with "head".

Police: You will be disadvantaged if you tell the wrong things! (in very intimidating manner)

I : I'm doing this because I do not want to tell wrong things!!

(Repeat this for 1 hour or more...)

There are a lot of such talks.(Computer,IT knowledge of cyber crime section is....)

In the afternoon, after fingerprinting and measuring my body, there was still an interrogation.
When my interrogation about to end, a man breaks into the interrogation room.

Man : Hey Moro!! Are you reflecting?! (While entering the room)

I : !?

Man : What you did is violating the law! Do you understand??

I : What!? That is ...

Man : Do not dispute it! YOU ARE VIOLATING THE LAW!!!

I : ...uh...

Man : That's why the police are investigating you! It does not matter what you think! DO YOU UNDERSTAND?!

I : well...

Man : You are married and have a wife, aren't you? Do you want to do it again??

I : I will not do it...

Man : You will not do it, so, reflect it properly. (While leaving the room)

There was such a scene, it was shocking.
The other detectives were cautious, such as explanation of the right of silent.
It was shocking to be like this in this era.
I can understand that there are people who confess crimes they don't do.

(The Kanagawa prefectural police were originally poor in reputation.
Previously, they did not notice that a remote controled PC by the criminal,
accidentally arrested some innocent persons, and make him/her confessed a crime they did not do.)

From other detectives who were cautious, there are many pressure like "If you take an attitude that does not fit our will, we call you many times on weekdays and damage your social credibility."

When I think back on it now,

  • As it was an unprecedented case, the police needed to write about me as much as possible "a villain wanting to make money" in the record.
  • In a record, a word is necessary in any way "I am reflecting.". That man was used because I didn't say that.

I talked while thinking that "using Coinhive is certainly a fact, but it isn't a virus."
I thought that "careless remarks were disrespectful to Coinhive's producers" too.
I responded very carefully.

After the interrogation is over, seized things are returned except desktop PC, and I've been released from police station.
(The desktop PC was returned after deletion of all data including OS at a later date.)

The interrogation at the Public Prosecutors Office

​ In late March, I had an interrogation at the Public Prosecutors Office.

The interrogation ended very soon.

"You can do a trial, but what would you do? wouldn't?, so, it's a fine of 100,000 yen "

I'm exhausted both mentally and physically at this point, I let myself go with the flow.

Summary of what happened

  • Household search and seizure of all network equipment.
  • Interrogation at the police station
  • PC returns after all data deleted.
  • Interrogation at the Public Prosecutors Office.
  • Summary order of a fine of 100,000 yen.

Charges of using Coinhive

The use of Coinhive is said to be "Acquisition/Preservation of Electromagnetic Records of Unauthorized Command", aka computer virus crime law,

Penal Code

Chapter XIX-2 Crimes Related to Electromagnetic Records of Unauthorized Command

(Unauthorized Creation of Electromagnetic Records of Unauthorized Command)

Article 168-2 (1)
A person who, without justifiable grounds, makes or provides following electromagnetic records or other records for the purpose of execute on another person's computer shall be punished by imprisonment with work for not more than 3 years or a fine of not more than 500,000 yen.

1. A electromagnetic records that does not operate in accordance with another person's intention, or gives a unauthorized command which act against their intention, when another person uses a computer.
2. In addition to preceding issue, A electromagnetic records or other records that unauthorized command in the preceding issue is written.

(2) The same shall apply to a person who, without justifiable grounds, execute electromagnetic records which of item 1. of the preceding paragraph on another person's computer.
(3) An attempt of the crime prescribed under the preceding paragraph shall be punished.

(Acquisition of Electromagnetic Records of Unauthorized Command)

Article 168-3
A person who, for the purpose prescribed for in paragraph (1) of the preceding Article, Acquisition or preservation of electromagnetic records prescribed for in item 1. or 2. of the same Article shall be punished by imprisonment with work for not more than 2 years or a fine of not more than 300,000 yen.

To briefly mention the requirements of this law,

  • Without justifiable grounds,
  • For the purpose of running on others' computer
  • Created or provided
  • Unauthorized programs(commands) that act against their intention

It is necessary to satisfy all four.

To put it a little more precisely, "Unauthorized program(command) that against their intention" can be separated to "Unauthorized program(command)" and "Program act against their intention".

And, They are both necessary.

I received an explanation from the police that "If you run it on another person's PC without prior permission (or premonition), it is illegal".
However, this interpretation is very ambiguous and not considered about"unauthorized command".
This makes Google Analytics, Google Optimizes and various JavaScript in the world illegal.
Premonition is also different from individual to individual.

And by saying this in "summary prosecution," it will be that almost all of the various "ambiguity" above will be judged just by the police's decision.

My impression

After household search, I fell down enough to think only about things like "I wonder if a car will run over me."
There are household search and interrogation during important events such as wedding ceremonies,
I'm sorry for my wife who changed her precious time only once in her life as worst memory, I lost 3kg weight in one month.

At the interrogation, detective said "What do you think if your parents encountered the Coinhive? You'll be sad, don't you?",
I could only reply "I do not think so ..."
and, I was told "Your sense is strange" this remained in my impression.

In addition, I proposed the deletion of the Coinhive introduction article mentioned above to the police,
but, I was told that "It will be disadvantageous when you do something badly" and I was not able to get permission to remove it easily.
If Coinhive use is charged, I wanted to reduce the number of people committing illegal acts by deleting my articles, but I could not understand the meaning to stop it.
They look as if they want to increase target of investigation for Coinhive for the outcome of the police.

After persuading, I deleted it on 8th February, but at that time I wasn't allowed to write the reason.

I do not want to engage in Kanagawa prefectural police anymore!

From now on

That is all that has happened to me. And I decided to do the trial.
It will be the first Coinhive trial in Japan (and perhaps also in other countries).

To be honest, it is easier to pay 100,000 fines, but as it is, only the precedent that "Coinhive is illegal" remains.
That interpretation might will be changed to "Coinhive is a virus", it will affect to the others.

As mentioned above, the current state "Computer virus crime law" is a fluctuating matter depending on the interpretation of "Unauthorized Command".

If it keeps going as it is, "Coinhive" will be treated as a virus, it will be crushed without trace, with the potential to replace advertisement.
But, "I want Coinhive to disappear because it's annoying!"
After Coinhive disappeared,"I want advertisements coming out from under the smartphone to disappear too!!"
And next, "Google Advertisements!!",and next,"Ptengine", who cares?

And where does it end up with?

There are many JavaScripts that work without premonition.
It may be "jQuery", or it may be "Vue.js", or...

We can not predict the experience that we have not existed so far. "Three.js" may be sarcastic.("Three.js" is a JavaScript 3D graphics library)

This is something like "First they came ...", isn't it?

First they came for the Socialists, and I did not speak out—

Because I was not a Socialist.

Then they came for the Trade Unionists, and I did not speak out—

Because I was not a Trade Unionist.

Then they came for the Jews, and I did not speak out—

Because I was not a Jew.

Then they came for me—and there was no one left to speak for me.

The first stage of this poem seems like Coinhive.

This may sound exaggerated.
However, I didn't think that cyber crime section which doesn't use Crtl+C,V shortcuts, and doesn't know the difference between "head" and "header", could tell a distinction between Coinhive and Vue.js.

In this trial my treatment is not very important.
Even if I try new technology and if it is accused, there is nothing ashamed of this case, there are no victim.

The trial is not a big deal, as it was the hardest time at the time when the house was searched, seized work tools and called many times on weekdays.

Even the results of this trial may not matter.

I would like to do as much as possible so that creators who create new things will not lose, making the operation of the "Computer virus crime law" good thing.

Message from translator: Please know that English is not my native language, and I may make some confusing mistakes.
Please leave comments if you find any mistakes.
Translated by VHGad3WzZolyYx
The original article is here.