Aug 22, 2025 | Ravie Lakshmanan | Cybercrime / Malware
A 55-year-old Chinese national has been sentenced to 4 years in prison and three years of supervised release for sabotaging his former employer’s network with custom malware and deploying a kill switch that locked out employees when his account was disabled.
Davis Lu, 55, of Houston, Texas, was convicted of causing intentional damage to protected computers in March 2025. He was arrested and charged in April 2021 for abusing his position as a software developer to execute malicious code on his employer’s computer servers.
“The defendant breached his employer’s trust by utilizing his access and technical knowledge to sabotage company networks, wreaking havoc and inflicting hundreds of thousands of dollars in losses for a U.S. company,” said Acting Assistant Attorney General Matthew R. Galeotti of the Justice Department’s Criminal Division.
“Nonetheless, the defendant’s technical savvy and subterfuge didn’t save him from the results of his actions.”
Court documents show that Lu was employed as a software developer for the unnamed company based in Ohio from November 2007 to October 2019. But after his responsibilities and system access were reduced following a 2018 corporate realignment, Lu enacted a scheme to deliberately introduce malicious code around August 2019, resulting in system crashes and preventing user logins.
To pull this off, Lu is said to have created infinite loops in source code to trigger server crashes by repeatedly creating new Java threads without proper termination. He also deleted coworker profile files and implemented a kill switch that would lock out all users if his credentials in the company’s Active Directory were disabled.
“The ‘kill switch’ code – which Lu named ‘IsDLEnabledinAD,’ abbreviating ‘Is Davis Lu enabled in Active Directory’ – was automatically activated when he was placed on leave and asked to surrender his laptop on September 9, 2019, and impacted thousands of company users globally,” the Department of Justice said.
“Lu named other code ‘Hakai,’ a Japanese word meaning ‘destruction,’ and ‘HunShui,’ a Chinese word meaning ‘sleep’ or ‘lethargy.’”
Moreover, on the day Lu was instructed to return his company-issued laptop, the defendant deleted encrypted volumes and attempted to erase Linux directories and two additional projects. His internet search history laid bare the methods he researched to escalate privileges, hide processes, and delete files, suggesting an attempt to obstruct the company’s efforts to resolve the issues.
Lu’s unlawful actions are estimated to have cost the company hundreds of thousands of dollars in losses, per the department. This case also underscores the importance of identifying insider threats early, added Assistant Director Brett Leatherman of the Federal Bureau of Investigation’s (FBI) Cyber Division.