A software developer has been found guilty of sabotaging his ex-employer's systems by running custom malware and installing a "kill switch" after being demoted at the company.
Davis Lu, 55, of Houston, was a software developer for an Ohio company, reportedly Eaton Corp, from November 2007 to October 2019.
Eaton Corporation is a global power management company that provides electrical, hydraulic, and mechanical solutions for various industries.
Following a corporate restructuring in 2018, Lu lost responsibilities at his job and was found guilty of sabotaging his employer's computer systems and network with custom malware and kill switches.
The malicious activities included code that ran in an "infinite loop," exhausting a production server's resources and eventually causing the system to crash and prevent user logins. These infinite loops were designed to exhaust Java threads by repeatedly generating new threads without proper termination.
According to Lu's indictment, Lu also deleted coworker's user profiles and implemented a "kill switch" that would lock out all users if his account in the company's Windows active directory was disabled. The "kill switch" code, named "IsDLEnabledinAD," was an abbreviation of "Is Davis Lu enabled in Active Directory."
This kill switch was automatically triggered when Lu was terminated on September 9, 2019, causing thousands of employees to lose access to systems.
On the day he was directed to return his company laptop, Lu reportedly deleted encrypted data.
The DOJ says internet search queries also revealed that Lu had been researching ways to elevate privileges, hide processes, and quickly delete files.
The Department of Justice says that Lu's activities and system disruption cost the company hundreds of thousands of dollars.
A jury convicted Lu of causing intentional damage to protected computers, a charge that carries a maximum penalty of 10 years in prison. A sentencing date has not been set.
Break down IAM silos like Bitpanda, KnowBe4, and PathAI
Broken IAM isn't just an IT problem - the impact ripples across your whole business.
This practical guide covers why traditional IAM practices fail to keep up with modern demands, examples of what "good" IAM looks like, and a simple checklist for building a scalable strategy.
Comments
Xetwnk - 9 months ago
Actually, that engineer's actions seem only fair. As any software engineer will tell you, your employer, or even your own manager, will screw you as soon as look at you, and it's only right that you should have some leverage in return. Hiding code in your employer's systems, that triggers, and breaks important things, the minute your name disappears from payroll records, is an old, cherished, long-standing tradition among computer programmers. Thus, in a way, I could argue that it's a sacred duty to honor your predecessors in this way.
Besides, it's only illegal because the rules are made by the employers and favor their side. If the software engineers had a proper voice, and the bargaining table were actually level, inserting self-protective code into the systems would be not only legal but required. " You MUST insert code in your employer's systems that won't work without you.". I I am currently retired but if I ever had to go back to work, I am now feisty enough to insist on something like this as a condition of my employment." You may have the advantage of my expertise, And skill, on the condition that I insert dead-man switch code in everything I create, to guarantee that you keep me employed, And treat me well, until _I_ am good and damn -well ready to leave.". ("At will" employment laws were also written for the benefit of the employers. To that I can only say, "at will, schmat-schmill": that s*** was weaponized against the worker, decades ago.
If I won't hire you knowing that you're going to insert back doors, the next best thing you can do is play innocent but obfuscate the s*** out of your architecture and code, so that nobody else can decipher, maintain, or update it except you. This has the advantage of plausible deniability "It wasn't on purpose; that's just literally the way I think!" (For me, anyway, that happens to be literally true; crazy, oddball, designs that nobody else would ever come up with, Are what come naturally to me; it's the tidy, clean, by the book, stuff that I really struggle to make.) At the very least, you can make firing you expensive and annoying.
Besides, if worse comes to worst, I'm sure it wouldn't be difficult to hook up with some Chinese hackers that could inject you right back into the ba*ds' systems, to work your nefarious revenge after the fact.
;-)
leexgx - 9 months ago
That's an odd post (it's totally illegal, for company and the law)
curael - 9 months ago
Cool story bro, that's insane, lol
ChipBoundary - 9 months ago
You are absolutely unhinged. You do realize "At Will" works both ways, right? Prior to that you couldn't just quit when you wanted to. Unions = bad. They only help you when it helps line their pockets. Car prices are through the roof solely because of the UAW. The profit margins on cars are nowhere near what people think they are.
By your logic, if you started a company tomorrow, your employees should be able to install malware on your computers that goes off when/if you fire them. You sound like a bitter, angry person that never grew up.
Jretsiem - 9 months ago
I knew a guy who worked as a software engineer for a company that sanitized medical equipment. They started treating him like s**t when he began questioning their dangerous and illegal activities. Management knowingly exposed employees to hazardous gases, even telling them to remove their detection badges so exposure wouldn’t be recorded.
One day, he discovered that the entire HR department’s computer was shared, unprotected, on the open WiFi network. It contained all employee files, including a spreadsheet called "passwords"—which, incredibly, held usernames and passwords for all sorts of services, both business and personal. Retirement accounts, banking info, everything.
He knew things were heading south. Then, one day, he stepped away to the restroom. When he returned, his work computer was gone. Moments later, the company president appeared with the classic “It’s just not working out” speech—after three years of employment, no less.
What they didn’t know was that he had seen this coming. His computer had already been wiped and rewritten, replacing every file with a special text message for the poor soul searching for his work. His desk had been quietly cleared out weeks prior, just waiting for this moment.
The best part? He still had access to all company emails, letting him sit back and enjoy the aftermath as panic set in.
ChipBoundary - 9 months ago
So, instead of turning them in like a sane person...he hatched some pathetic revenge plot that put people's livelihoods at risk?
ChipBoundary - 9 months ago
Ten years max? Absolutely ridiculous. There is SO much more they could charge him with, and should. Lock him up and throw away the key. He could have gotten a new job in minutes after having worked for a company like Eaton...instead he loses his freedom and his ability to work forever.
deltasierra - 9 months ago
It would be one thing to have a targeted vengeance, i.e. time bomb your boss. Screwing over the company and therefore customers is not justified.
As mentioned, it's at-will employment; don't like your job, then get another one. Instead, it's prison time for Mr. Lu... did he really think he wouldn't get caught, or just didn't care?