CyberHappenings logo
☰
🏠 Home πŸ“‚ Browse ℹ️ About

Track cybersecurity events as they unfold. Sourced timelines, daily updates. Fast, privacy‑respecting. No ads, no tracking.

Developer Davis Lu sentenced for sabotage of ex-employer's Windows network

First reported
Last updated
πŸ“° 2 unique sources, 2 articles

Summary

Hide β–²

A 55-year-old software developer, Davis Lu, was sentenced to four years in prison for embedding malicious code and a kill switch in his ex-employer's Windows network. The sabotage occurred after Lu's termination in 2019, causing widespread disruption and financial losses. Lu worked for Eaton Corporation from 2007 until his termination in 2019. The malicious code included an infinite Java thread loop designed to overwhelm servers and crash production systems. Additionally, Lu created a kill switch that locked out all users when his account was disabled. Lu's actions resulted in significant financial losses and operational disruptions for Eaton Corporation. The sabotage was discovered after Lu's termination, and subsequent investigations revealed his malicious activities. Lu was convicted in March 2025 and arrested in April 2021 for the sabotage.

Timeline

  1. 22.08.2025 02:46 πŸ“° 2 articles Β· ⏱ 25d ago

    Davis Lu sentenced for sabotage of ex-employer's Windows network

    Davis Lu, a 55-year-old software developer and Chinese national residing in Houston, Texas, was sentenced to four years in prison for embedding malicious code and a kill switch in his ex-employer's Windows network. The sabotage occurred after Lu's termination in 2019, causing widespread disruption and financial losses. Lu worked for Eaton Corporation from 2007 until his termination in 2019. The malicious code included an infinite Java thread loop designed to overwhelm servers and crash production systems. Additionally, Lu created a kill switch that locked out all users when his account was disabled. Lu's actions resulted in significant financial losses and operational disruptions for Eaton Corporation. The sabotage was discovered after Lu's termination, and subsequent investigations revealed his malicious activities. Lu was convicted in March 2025 and arrested in April 2021 for the sabotage. The malicious code was introduced around August 2019 after a corporate realignment in 2018. Lu named the kill switch 'IsDLEnabledinAD' and other malicious code 'Hakai' and 'HunShui'. Lu's actions resulted in hundreds of thousands of dollars in losses for Eaton Corporation. Lu attempted to delete encrypted volumes and Linux directories from his laptop on the day he was asked to return it. Lu's internet search history showed attempts to escalate privileges, hide processes, and delete files.

    Show sources
    Open in new tab

Information Snippets