- A software developer has sabotaged his employer after being demoted
- Davis Lu has created a “killing switch” that would lock all users
- He was sentenced to four years in prison and to three years of supervised leave
An unhappy worker was sentenced to four years in prison after having installed “Kill Switch” malware on the network of his employer who was to trigger if he had already lost access to the network.
According to a press release from the Ministry of Justice (DOJ), a Chinese national named Davis Lu worked for an unnamed software company between November 2007 and October 2019. In early August 2019, it introduced malware that crushed systems and prevented other users from connecting.
The court documents also revealed that he had created “infinite loops” which crushed the servers, deleted colleague profile files and finally built a “killing switch” which would lock all users if his access to Active Directory was revoked. In early September 2019, he was invited to make his laptop, after which the killing switch was triggered.
Hundreds of thousands of dollars in damages
Investigators found many incriminating evidence on this laptop, including that of the day he returned his device – he deleted the encrypted data.
An analysis of its research history has shown that it was looking for ways to climb privileges, hide processes and quickly delete files. Finally, the Kill Switch code was appointed Isdlenabledinad, abbreviation of “is davis read activated in Active Directory”.
One month after the dissemination of malicious software, LU was arrested, and was then tried in front of the jury.
During the trial, it was shown that the LU employer had undergone “hundreds of thousands of dollars” as losses, as a direct consequence of his actions. Now, Lu will spend four years in prison, with three additional years of supervised release.
“The FBI works tirelessly every day to ensure that cyber-actors deploy the malicious code and harm American companies are faced with the consequences of their actions,” said Deputy Director Brett Leatherman of the FBI cyber-division.
“I am proud of the work of the FBI Cyber Team which led to the conviction of today and I hope that it sends a strong message to other people who can consider engaging in similar illegal activities. This case also highlights the importance of identifying threats of initiates early and highlights the need for a proactive commitment with your local FBI office to attract risks and prevent more damage. ”
Via The register
