XPost: alt.comp.os.windows-11, alt.politics.immigration, sac.politics
XPost: talk.politics.guns
A 55-year-old Chinese national has been sentenced to four years in prison
and three years of supervised release for sabotaging his former employer's network with custom malware and deploying a kill switch that locked out employees when his account was disabled.
Davis Lu, 55, of Houston, Texas, was convicted of causing intentional
damage to protected computers in March 2025. He was arrested and charged
in April 2021 for abusing his position as a software developer to execute malicious code on his employer's computer servers.
The name of the company was not disclosed, but Cleveland.com revealed he
was employed at Eaton Corporation, a multinational power management
company that's headquartered in Beachwood, Ohio.
"The defendant breached his employer's trust by using his access and
technical knowledge to sabotage company networks, wreaking havoc and
causing hundreds of thousands of dollars in losses for a U.S. company,"
said Acting Assistant Attorney General Matthew R. Galeotti of the Justice Department's Criminal Division.
"However, the defendant's technical savvy and subterfuge did not save him
from the consequences of his actions."
Court documents show that Lu was employed as a software developer for the unnamed company based in Ohio from November 2007 to October 2019. But
after his responsibilities and system access were reduced following a 2018 corporate realignment, Lu enacted a scheme to deliberately introduce
malicious code around August 2019, resulting in system crashes and
preventing user logins.
To pull this off, Lu is said to have created infinite loops in source code
to trigger server crashes by repeatedly creating new Java threads without proper termination. He also deleted coworker profile files and implemented
a kill switch that would lock out all users if his credentials in the
company's Active Directory were disabled.
"The 'kill switch' code - which Lu named 'IsDLEnabledinAD,' abbreviating
'Is Davis Lu enabled in Active Directory' - was automatically activated
when he was placed on leave and asked to surrender his laptop on September
9, 2019, and impacted thousands of company users globally," the Department
of Justice said.
"Lu named other code 'Hakai,' a Japanese word meaning 'destruction,' and 'HunShui,' a Chinese word meaning 'sleep' or 'lethargy.'"
Furthermore, on the day Lu was instructed to return his company-issued
laptop, the defendant deleted encrypted volumes and attempted to erase
Linux directories and two additional projects. His internet search history
laid bare the methods he researched to escalate privileges, hide
processes, and delete files, suggesting an attempt to obstruct the
company's efforts to resolve the issues.
Lu's unlawful actions are estimated to have cost the company hundreds of thousands of dollars in losses, per the department. This case also
underscores the importance of identifying insider threats early, added Assistant Director Brett Leatherman of the Federal Bureau of
Investigation's (FBI) Cyber Division.
https://thehackernews.com/2025/08/ex-developer-jailed-four-years-for.html