A Texas man was convicted on Friday for building and deploying malware to sabotage his employer’s computer systems.
The man, Davis Lu, 55, of Houston, worked as a software developer for the victim company for 12 years, and started sabotaging the employer’s network in 2018, after a corporate realignment that restricted his system access.
According to evidence presented in court, by August 2019, Lu deployed on the victim company’s systems code that caused crashes by exhausting system resources through the creation of new threads without proper termination, leading to infinite loops.
Lu also deployed malicious code that deleted employee profile files, and implemented a ‘kill switch’ that blocked all user logins once his credentials were disabled in the company’s Active Directory.
The code, named ‘IsDLEnabledinAD’, an abbreviation of ‘Is Davis Lu enabled in Active Directory’, was activated on September 9, 2019, when Lu was terminated, and affected thousands of users worldwide.
Furthermore, the defendant deleted encrypted data from his company-issued laptop when directed to turn it in.
Documents presented in court also showed that Lu researched on the internet methods to “escalate privileges, hide processes, and rapidly delete files”, suggesting that he was looking for means to prevent co-workers from addressing system disruptions.
Lu’s actions resulted in hundreds of thousands of dollars in losses for the victim company. He was convicted for intentional computer damage and faces up to 10 years in prison. A sentencing date has not been set.
The victim organization, which was not named by the Department of Justice, is reportedly the power management giant Eaton Corporation.
Related: Nigerian Accused of Hacking Tax Preparation Firms Extradited to US
Related: Recently Charged Scattered Spider Suspect Did Poor Job at Covering Tracks
Related: Convicted Cybercriminals Included in Russian Prisoner Swap
Related: California Man Convicted for Stealing Millions From DoD via Phishing Scheme
