Hacker News

851 readers

573 users here now

Posts from the RSS Feed of HackerNews.

The feed sometimes contains ads and posts that have been removed by the mod team at HN.

founded 6 months ago

MODERATORS

[email protected]

Developer sabotaged ex-employer with kill switch that activated when fired (www.theregister.com)

submitted 2 days ago by [email protected] to c/[email protected]

6 comments fedilink hide all child comments

Comments

top 6 comments

sorted by: hot top controversial new old

[–] [email protected] 12 points 2 days ago (1 children)

Dude gave anyone looking for forensic clues a layup

would lock every employee out of their accounts if his credentials were ever revoked, and named the code IsDLEnabledinAD, as in "Is Davis Lu enabled in Active Directory."

That's kind of an easy figure out: look for all the D.L.s in the company and work from there. But then

investigators subsequently found the source code for this program on an internal development server in Kentucky, and that Lu's user account had been used to execute the malware on the production box. Lu was also the only member of his team who had access privileges for that dev machine.

This guy left an easy forensic trail.

[–] [email protected] 13 points 2 days ago (1 children)

Incompetence isn't a crime. Dude should have written really poorly designed debug code for a ad feature he was working on.

[–] [email protected] 5 points 2 days ago (1 children)

Just enclose your code in while(true)

[–] [email protected] 6 points 2 days ago

//FIXME Debugging BG-9731

[–] [email protected] 6 points 2 days ago

There was something amiss before. Nobody starts compromising the system just a few months before getting fired.

he was demoted

That also indicates there's more to the story than it seems.

[–] [email protected] 1 points 2 days ago

i was wondering if it was possible lol