Davies Lu (Davis Lu)

Biography

2025: Virus Deployment in Eaton Servers

A fired employee of Eaton Corporation injected a virus into the company's servers, which led to a halt in production and the destruction of work accounts. This became known in March 2025. A jury in Cleveland convicted software developer Davis Lou, who, disagreeing with the demotion, created and launched the malware. As a result of the attack in 2019, thousands of employees lost access to accounts, and production systems were paralyzed.

Davis Lou worked for Eaton Corporation from 2007 to 2019. The company specializes in energy management and has offices around the world. In 2019, as a result of corporate restructuring, the programmer was demoted, which caused his dissatisfaction.

𝓲

Фото: Wikipedia

The investigation showed that in the summer of 2019, Lu began to introduce his own developed malware into one of the company's production systems. He created a Java program containing infinite loops that overloaded server resources. This code caused critical system malfunctions and blocked the ability to authorize users.

Law enforcement found malware source code on an internal development server in Kentucky. The investigation confirmed that Lou's account was used to run the malware. An important circumstance of the case was that it was this programmer who was the only member of the team who had privileged access to the server.

In addition to creating a program that overloads servers, Lou developed code that destroyed other users' files. The most destructive element of his actions was the creation of the so-called "emergency switch" - a script called IsDLEnabledinAD, which automatically triggered when Lou's account in the corporate system was disabled. Active Directory Windows^[1]

Notes