malicious code

developer-gets-4-years-for-activating-network-“kill-switch”-to-avenge-his-firing

Developer gets 4 years for activating network “kill switch” to avenge his firing

cybercrime, developer, kill switch, malicious code, Policy / /

“The defendant breached his employer’s trust by using his access and technical knowledge to sabotage company networks, wreaking havoc and causing hundreds of thousands of dollars in losses for a U.S. company,” Galeotti said.

Developer loses fight to avoid prison time

After his conviction, Lu moved to schedule a new trial, asking the court to delay sentencing due to allegedly “surprise” evidence he wasn’t prepared to defend against during the initial trial.

The DOJ opposed the motion for the new trial and the delay in sentencing, arguing that “Lu cannot establish that the interests of justice warrant a new trial” and insisting that evidence introduced at trial was properly disclosed. They further claim that rebuttal evidence that Lu contested was “only introduced to refute Lu’s perjurious testimony and did not preclude Lu from pursuing the defenses he selected.”

In the end, the judge denied Lu’s motion for a new trial, rejecting Lu’s arguments, siding with the DOJ in July, and paving the way for this week’s sentencing. Giving up the fight for a new trial, Lu had asked for an 18-month sentence, arguing that a lighter sentence was appropriate since “the life Mr. Lu knew prior to his arrest is over, forever.”

“He is now a felon—a label that he will be forced to wear for the rest of his life. His once-promising career is over. As a result of his conduct, his family’s finances have been devastated,” Lu’s sentencing memo read.

According to the DOJ, Lu will serve “four years in prison and three years of supervised release for writing and deploying malicious code on his then-employer’s network.” The DOJ noted that in addition to sabotaging the network, Lu also worked to cover up his crimes, possibly hoping his technical savvy would help him evade consequences.

“However, the defendant’s technical savvy and subterfuge did not save him from the consequences of his actions,” Galeotti said. “The Criminal Division is committed to identifying and prosecuting those who attack US companies whether from within or without, to hold them responsible for their actions.”

Developer gets 4 years for activating network “kill switch” to avenge his firing Read More »

developer-convicted-for-“kill-switch”-code-activated-upon-his-termination

Developer convicted for “kill switch” code activated upon his termination

IT workers, kill switch, malicious code, Policy, software developer / /

A 55-year-old software developer faces up to 10 years in prison for deploying malicious code that sabotaged his former employer’s network, allegedly costing hundreds of thousands of dollars in losses.

The US Department of Justice announced Friday that Davis Lu was convicted by a jury after “causing intentional damage to protected computers” reportedly owned by the Ohio- and Dublin-based power management company Eaton Corp.

Lu had worked at Eaton Corp. for about 11 years when he apparently became disgruntled by a corporate “realignment” in 2018 that “reduced his responsibilities,” the DOJ said.

His efforts to sabotage their network began that year, and by the next year, he had planted different forms of malicious code, creating “infinite loops” that deleted coworker profile files, preventing legitimate logins and causing system crashes, the DOJ explained. Aiming to slow down or ruin Eaton Corp.’s productivity, Lu named these codes using the Japanese word for destruction, “Hakai,” and the Chinese word for lethargy, “HunShui,” the DOJ said.

But perhaps nothing was as destructive as the “kill switch” Lu designed to shut down everything if he was ever terminated.

This kill switch, the DOJ said, appeared to have been created by Lu because it was named “IsDLEnabledinAD,” which is an apparent abbreviation of “Is Davis Lu enabled in Active Directory.” It also “automatically activated” on the day of Lu’s termination in 2019, the DOJ said, disrupting Eaton Corp. users globally.

Developer convicted for “kill switch” code activated upon his termination Read More »