People love a good revenge story. A character with a particular set of skills (and appropriately chiseled cheekbones) seeking revenge against someone who wronged them is enough to get practically any movie or show green-lit. But a software engineer who used his skills against his former employer has learned the hard way that neither law enforcement nor a jury of his peers find vengeance as compelling as Hollywood. In fact it landed him with four years in prison.
The engineer in question is Davis Lu. He worked at a company called Eaton Corporation from 2007 to 2019. The company says on its website that it employs more than 92,000 people around the world and had $24.9 billion in sales in 2024. That's a massive organization—and apparently Lu thought he should devise a way to disrupt its operations if he ever found himself forced into seeking new employment.
The Justice Department said that a month before Eaton let him go, Lu "created 'infinite loops' (in this case, code designed to exhaust Java threads by repeatedly creating new threads without proper termination, resulting in server crashes or hangs), deleted co-worker profile files, and implemented a 'kill switch' that would lock out all users if his credentials in the company’s active directory were disabled."
It's kind of impressive that Lu found a way to set up this "kill switch" without arousing suspicion. He doesn't seem to have a natural proclivity for subterfuge, however, with the Justice Department saying the function used to activate the kill switch was called "IsDLEnabledinAD"—"is Davis Lu enabled in Active Directory"—and was "automatically activated when he was placed on leave and asked to surrender his laptop."
Follow Tom's Hardware on Google News to get our up-to-date news, analysis, and reviews in your feeds. Make sure to click the Follow button.
