CyberSecurity news


@cyberalerts.io //
Davis Lu, a 55-year-old software developer from Houston, Texas, has been convicted in federal court of sabotaging the computer systems of his former employer, Eaton Corp, after a demotion in 2018 led to reduced responsibilities and system access. Lu, who worked for the company from November 2007 to October 2019, introduced malicious code into the company's production systems starting in August 2019. This code included "infinite loops" designed to exhaust Java threads, causing system crashes and preventing user logins. Lu also wrote code to delete coworker profile files and implemented a "kill switch" that would lock out all users if his credentials in the company's Active Directory were disabled.

The "kill switch," named "IsDLEnabledinAD" (abbreviating "Is Davis Lu enabled in Active Directory"), was automatically activated upon his termination on Sept. 9, 2019, impacting thousands of company users globally. Additional code was named "Hakai," meaning "destruction" in Japanese, and "HunShui," meaning "sleep" or "lethargy" in Chinese. On the day he was directed to turn in his company laptop, Lu deleted encrypted data. His internet search history revealed that he had researched methods to escalate privileges, hide processes, and rapidly delete files, indicating an intent to obstruct his co-workers' efforts to resolve the system disruptions. Lu now faces a maximum penalty of 10 years in prison for causing intentional damage to protected computers.

Classification:
  • HashTags: #InsiderThreat #Cybercrime #Sabotage
  • Company: Eaton Corp
  • Target: Eaton Corp
  • Attacker: Davis Lu
  • Product: Computer Systems
  • Feature: kill switch
  • Malware: kill switch
  • Type: Hack
  • Severity: Major