A software developer was sentenced to four years in prison for sabotaging his ex-employer’s Windows network using custom malware and a kill switch that disabled users’ accounts. The attack resulted in significant system outages and financial losses for the company. #DavisLu #ActiveDirectory #EatonCorporation
Keypoints
- The attacker embedded malicious code in the company’s Windows environment after he was demoted and a restructuring occurred.
- He created a kill switch called “IsDLEnabledinAD” to lock out all users once his account was disabled.
- The malware included an infinite Java thread loop to overwhelm servers and crash systems.
- Lu deleted encrypted data and searched for ways to escalate privileges and hide processes on his device.
- He was sentenced to four years in prison and will serve three additional years of supervised release.