Developer sabotaged ex-employer with kill switch that activated when fired (www.theregister.com)

submitted 3 weeks ago by rssbot@lemmy.bestiver.se to c/hackernews@lemmy.bestiver.se

6 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[-] RegularJoe@lemmy.world 12 points 3 weeks ago

Dude gave anyone looking for forensic clues a layup

would lock every employee out of their accounts if his credentials were ever revoked, and named the code IsDLEnabledinAD, as in "Is Davis Lu enabled in Active Directory."

That's kind of an easy figure out: look for all the D.L.s in the company and work from there. But then

investigators subsequently found the source code for this program on an internal development server in Kentucky, and that Lu's user account had been used to execute the malware on the production box. Lu was also the only member of his team who had access privileges for that dev machine.

This guy left an easy forensic trail.

[-] jet@hackertalks.com 13 points 3 weeks ago

Incompetence isn't a crime. Dude should have written really poorly designed debug code for a ad feature he was working on.

[-] Arbiter@lemmy.world 5 points 3 weeks ago

Just enclose your code in while(true)

[-] jet@hackertalks.com 6 points 3 weeks ago

//FIXME Debugging BG-9731

this post was submitted on 08 Mar 2025

34 points (97.2% liked)

Hacker News

1107 readers

367 users here now

Posts from the RSS Feed of HackerNews.

The feed sometimes contains ads and posts that have been removed by the mod team at HN.

founded 6 months ago

MODERATORS

patrick@lemmy.bestiver.se

rssbot@lemmy.bestiver.se