A federal jury has convicted a Houston man of deliberately deploying malicious code that crashed computer systems and locked out thousands of users at his former employer, a software company based in Beachwood, Ohio.
D.L., 55, was found guilty of causing intentional damage to protected computers, a felony offense that carries a maximum sentence of 10 years in prison. A sentencing date has not yet been scheduled.
According to evidence presented at trial, D.L. worked as a software developer at the company from 2007 until his termination in 2019. After a corporate restructuring in 2018 reduced his responsibilities and access, prosecutors said he began secretly sabotaging internal systems.
On Aug. 4, 2019, D.L. introduced code that created “infinite loops”—a programming tactic that overwhelmed servers by spawning unending processes, resulting in repeated crashes and login failures. He also deleted coworker profile files and built a “kill switch” into the network that would lock out all users if his account was ever deactivated.
That kill switch was triggered automatically on Sept. 9, 2019, the day D.L. was terminated. The code, which he labeled “IsDLEnabledinAD,” caused widespread disruption to the company’s operations, affecting users globally. Other malicious scripts he created were named “Hakai” and “HunShui,” meaning “destruction” in Japanese and “sleep” or “lethargy” in Chinese.
Before returning his company laptop, D.L. deleted encrypted data and used online resources to research how to escalate privileges, conceal malicious processes, and rapidly remove files. Prosecutors said his actions cost the company hundreds of thousands of dollars.
The case was investigated by the FBI’s Cleveland Field Office and prosecuted by the Department of Justice’s Computer Crime and Intellectual Property Section and the U.S. Attorney’s Office for the Northern District of Ohio.
D.L. will be sentenced by a federal district judge, who will consider the U.S. Sentencing Guidelines and other statutory factors.
