back to article Sysadmin jailed for 30 months over failed logic bomb

A former sysadmin at Medco Health Solutions, a US prescription management and health information firm, has been jailed for 30 months over a failed attempt to destroy its systems using a "logic bomb" computer virus. Yung-Hsun Lin, 51, of Montville, New Jersey, was sentenced this week after earlier pleading guilty to booby- …

COMMENTS

This topic is closed for new posts.
  1. Omer Ozen
    Paris Hilton

    D'oh!

    What a muppet.

    He should have QA'd his program before going live.

  2. N1AK

    What an idiot

    He didn't get fired but still let the logic bomb activate!?

    I can 'sort' of understand why a jilted employee might do something like this however stupid the action might be, but this guy's actions are practically incomprehensible.

    Certainly deserves the sentence he got, which is practically a first for western justice.

  3. Greg

    Compensation?

    If it didn't go off, what the hell's he paying $81k in compensation for?

    And if he can't even code file-deleting malware properly, he should have lost his job ages ago for just being crap.

  4. John Macintyre

    sounds like..

    he was jailed for being such a muppet to be fair. He keeps his job, so rather than back down he sets it to go off in a years time instead? Did he actually want the job? Surely if you're in a job you wouldn't want to risk it? Would have been easier to fire him, have the thing fail to go off and be rid of the guy.

    Has to be kinda smart to write it though, just not smart enough to hide it or remove it for a year - why wouldn't it get noticed in a year? I know it would be a low chance but a chance nontheless, and once it goes off his sig will be all over it, when he'll probably just be shot as it'd be easier.

    Try finding another job now sucker... unless he joins an anti virus/malware firm

  5. Anonymous Coward
    Pirate

    Hmmm

    "When the code failed to launch in April 2004 because of coding flaws, Yung-Hsun (who survived a round of lay-offs)"

    So let me get this straight... when he wasn't made redundant, he didn't think to remove his bomb... what would he have done if it had gone off?

    This to me shows malicious intent rather than merely the expected desire of retribution that he claimed.

    He should be banged up for longer.

    Not for doing it, but for doing it in such a way that 1: they found it and 2: they knew it was him.

    Now, if it was the BOFH it would be different - he would have switched some inventory DB so people got the wrong drugs, particularly ones that his bosses needed/were skimming off the top.

  6. Syren Baran
    Coat

    @John Macintyre

    >Try finding another job now sucker... unless he joins an anti virus/malware firm

    So, what is he supposed to do there? Protect us from virii that dont work?

  7. Dr. Mouse

    @John Macintyre

    "Try finding another job now sucker... unless he joins an anti virus/malware firm"

    Erm, I doubt it. Even they wouldnt want an INCOMPETENT malware author on their books.

    Sounds like he's a dick. Surely he could have hidden it better than that, and if you are going to do such a thing, you should at the very least make sure it isnt tracable back to you! Imagine using your own birthday! Use your bosses birthday, or the MD's, or the Queen's... anyones but your own! Thats what I would do.

    He's stupid, and deserves prison.

  8. Alan W. Rateliff, II
    Thumb Down

    No job for you...

    It doesn't sound like he a real VXer. His "malware" was found among other scripts in the system. Sounds to me like he just wrote a batch file or shell script, or something of that ilk.

    Nah, he won't make first round draft picks for certain.

  9. Leo Davidson

    Re: Compensation?

    > If it didn't go off, what the hell's he paying $81k in compensation for?

    Removing the offensive code, and auditing the rest of the code to make sure there isn't more like it, isn't free. Nor is the hit to the firm's reputation when (potential) customers hear about what almost happened.

  10. Chris C

    re: Compensation?

    "If it didn't go off, what the hell's he paying $81k in compensation for?"

    Probably for scrubbing the system. Once you find malware in your system, and especially once you realize it's your sysadmin who put it there, you can no longer trust the system. A that point, you must do a thorough validation of everything in the system, every file, every script line-by-line. That is most likely what the $81k was for. And considering they probably wanted/needed it done ASAP, there was probably a lot of overtime, so $81k probably isn't unreasonable.

  11. tim chubb
    Coat

    probably just a bat file on schedule

    something like this probably

    cd\

    del /q/s *.mdb

    del /q/s *.xls

    del /q/s *.doc

  12. wellgroomedwookiee

    Overlooked?

    "The data included a patient-specific drug interaction conflict database..."

    Call me harsh, but I would have charged him with as many counts of attempted murder as there are potentially fatal allergies or interactions on that list.

    Deleting the payroll and billing data, yes, that screws the company. It's a bit of a stretch to justify killing off the customers though, unless he's hoping for lawsuits from bereaved realtives (which, this being America, might actually be quite likely).

  13. Daniel Voyce
    Coat

    Logic Bomb?

    haha - I bet it was something lame like a cron job.

    Come on - I bet we have all been tempted to do that at least once in our careers? This poor guy just got busted thats all!

  14. Fenwar
    IT Angle

    "logic bomb"

    That sounds all very sophisticated and hacker-ish... but what are the odds it was a windows scheduled task to run something like rmdir, only it didn't work because he forgot the quiet flag?

  15. Anonymous Coward
    Alert

    DOH!

    Every BOFH knows how to cover one's tracks! What a stupid ass for not having a PFY to be the blame for the problem.

  16. Dave Foster

    darkside

    So he made a mess of the programming. Sounds like he is ideal for an IT job working for the British Government.

  17. JASR
    Coat

    30 months for a failed logic bomb

    I wonder how long he would have got if the logic had succeeded.

    10 months (+ time off for good behaviour, so probably a week...) and a Web 2.0 job of his choice - Writing Facebook adware API's?

  18. Cameron Colley

    What an idiot.

    Never write anything malicious as yourself, never pu tit anywhere you're responsible for -- never let it have your name on it.

    In fact -- just don't bother, find somewhere else to work.

  19. andy rock
    Happy

    @Greg

    "And if he can't even code file-deleting malware properly, he should have lost his job ages ago for just being crap."

    too bloody right! shocking behaviour.

  20. Anonymous Coward
    Anonymous Coward

    File still (not) found

    Tut! Why delete the data ... he should have downloaded the databases onto DVD/CDs and posted them to the IRS, or even better to our National Audit Office for us to loose!

  21. Doc Technical

    Really awful bomb

    Just deleting data willy-nilly? How very low-rent. The trick is to introduce a small amount of random corruption (say, transposing a couple of digits in a numeric field so it looks like a keying error) slowly, over a long period, so by the time it's discovered (which will hopefully be about they time they're migrating the data to a new system altogether) it's far to late to do anything about it, and none of the audits will ever match out.

    Not that I'd do anything like that.

  22. J
    Joke

    More!

    "If it didn't go off, what the hell's he paying $81k in compensation for?

    And if he can't even code file-deleting malware properly, he should have lost his job ages ago for just being crap."

    They should have gotten even more, exactly because of that! Having an incompetent idiot in the payroll is surely a loss of money...

  23. Aubry Thonon
    Happy

    Logic Bomb? @Daniel Voyce

    "haha - I bet it was something lame like a cron job.

    Come on - I bet we have all been tempted to do that at least once in our careers? This poor guy just got busted thats all!"

    Back when I was in Uni (in the dark ages) and fake 'man' page was doing the round in the Jokes newsgroup - it was for a utility called 'rr' (short for Russian Roulette). I liked it so much I implemented it in C and (as a lark) in shell-script. What the program would do when invoked was find *every* executable you had access to, pick one at random, and run it with the option string "-rf /". Bingo was when the system picked the "rm" command and you were running it as root. ^_^

    No, I never released either version... but I probably still have the source code around here somwhere.

  24. Jon Tocker

    $81,200 in compensation...

    If I were IT Manager for that company, I'd want at least that just to compensate me for having to put up with the wanker during his term of employment - never mind what it'd cost to audit and clean out the system.

    Like Agent Smith, I would feel "unclean" and that his mere presence had somehow tainted me. I'd want 81.2 kilobucks, three bars of disinfectant soap and a week off in which to scrub away any "moron germs" (worse than the "girl germs" we boys feared prior to the onset of puberty) I might have been exposed to by coming in contact with him.

    Then I'd want to pay top dollar to the team that auditted the system - no expenses spared - then shackle him out in the car park and make him scrub the cars of those who're cleaning up his mess.

    Other punishments like tattooing "fuckwit" on his forehead spring to mind but, from the sound of the bloke, it's probably aready obvious enough...

  25. max allan
    Joke

    Any sysadmins at the prison he's in?

    If you get a chance, how about deleting his release date file, see how he likes it.

  26. Teh_Vermicious_Knid
    Stop

    @ Syren Baran

    The plural of Virus is Viruses

    *NOT* Virii.

    Viri (yes, just one I) is already used in Latin as the plural of vir, meaning "man" (thus making viri mean "men") and adding another I (to form Virii) is a typical hyper correction.

    I feel much better now :D

  27. Svein Skogen
    Happy

    Delete the release-date? No. Not fun.

    It would be a lot funnier to delete his entire record from the Dept of Corrections system. Since he doesn't exist there, and cannot prove his identity, he simply gets reduced to a prisoner number, instead of a name. "Good bye".

    //Svein

This topic is closed for new posts.

Other stories you might like