Dude gave anyone looking for forensic clues a layup
would lock every employee out of their accounts if his credentials were ever revoked, and named the code IsDLEnabledinAD, as in “Is Davis Lu enabled in Active Directory.”
That’s kind of an easy figure out: look for all the D.L.s in the company and work from there. But then
investigators subsequently found the source code for this program on an internal development server in Kentucky, and that Lu’s user account had been used to execute the malware on the production box. Lu was also the only member of his team who had access privileges for that dev machine.
Dude gave anyone looking for forensic clues a layup
That’s kind of an easy figure out: look for all the D.L.s in the company and work from there. But then
This guy left an easy forensic trail.
Incompetence isn’t a crime. Dude should have written really poorly designed debug code for a ad feature he was working on.
Just enclose your code in while(true)
//FIXME Debugging BG-9731