Particle.news
Download on the App Store
15 ARTICLES
·
5d ago

Ex-Developer Sentenced to Four Years for Planting 'Kill Switch' That Crippled Employer's Network

Prosecutors said he embedded code that locked out users when his account was disabled, underscoring insider‑threat risks.

An image about Developer sentenced to prison after nuking corporate network with revenge malware
Red emergency button and stop at factory
blank
Image

Overview

  • U.S. District Judge Pamela A. Barker sentenced Davis Lu, 55, to 48 months in prison plus three years of supervised release on Aug. 21 after a March 2025 jury conviction.
  • The 'IsDLEnabledinAD' trigger fired on Sept. 9, 2019 when Lu’s Active Directory access was cut, blocking logins for thousands of users across the company’s global network.
  • Court filings detail added sabotage including infinite Java thread loops that crashed servers, coworker profile deletions, and laptop wipes that made encrypted data unrecoverable.
  • Investigators said Lu researched privilege escalation, process hiding, and rapid file deletion, and the company incurred losses in the hundreds of thousands of dollars; restitution will be set later.
  • The FBI Cleveland Field Office led the probe, and DOJ’s CCIPS with the Northern District of Ohio prosecuted the case; a July ruling denied Lu’s motion for a new trial, clearing the way for sentencing.