Saturday, June 22, 2024

Frustrated IT Admin Gets 7 Years in Prison for Wiping Employer’s Databases

Chinese real estate biz giant Lianjia’s former database administrator, Han Bing (40-year-old), has been sentenced to 7 years in prison for hacking the corporate company’s systems and wiping their data.

Bing allegedly deleted all stored data from two database servers and two application servers using his administrative privileges and a “root” account in June 2018.

As a consequence, Lianjia has been forced to suspend large parts of its operations immediately. With this disruption, the company was unable to pay its employees for longer periods of time.

Not only that even restoring the whole data cost the company around $30,000, and it’s really expensive. It is not the direct damages caused by the interruption of the firm’s business, but rather the indirect damages, which were far more devastating.

Why this damage could have devasting impacts?

Since its market value is estimated to be $6 billion, and as of December 31, 2013, Lianjia owned 51 subsidiaries across 51 countries, operated thousands of offices, and employed over 120,000 brokers.

The incident of data deletion was attributed to the five main suspects, including Han Bing. When the company’s investigators asked the administrator to provide the company investigators with his laptop password, the administrator declined.

An investigator testified in court that they were aware such an operation would leave no trace on the laptop afterward. It is for this reason that only the five employees with access to the system were examined in order to measure their response.

A few days later, from the servers, the technicians retrieved all the access logs and also tracked all the activities back to specific internal IPs and MACs.

Moreover, they managed to retrieve the WiFi logs and timestamps, determining that the WiFi logs corresponded with CCTV footage, which would confirm their suspicions.

The contract forensic expert concluded that Bing had used the shred and rm commands to wipe its databases. This was the final reflection of the forensic expert’s analysis.

Here the shred overwrites data three times with multiple patterns, while rm deletes symbolic links to files.

Bing’s attempts to notify

The security holes in the financial system have repeatedly been reported by Han Bing to his employer and supervisors since he started working there.

Additionally, Han Bing also has sent a number of emails to other administrators in regard to the concerns he has.

The security projects he proposed to run, to ensure the safety of the company, were not approved and were harshly ignored by the department leaders.

Several witnesses at Lianjia, including the director of ethics at LianJia, Zhou Mou have come forward to help confirm this. While he told the court that Han Bing often found himself in arguments with his supervisors as he felt that his proposals were not being valued.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Website

Latest articles

PrestaShop Website Under Injection Attack Via Facebook Module

A critical vulnerability has been discovered in the "Facebook" module (pkfacebook) from Promokit.eu for...

Beware Of Illegal OTT Platforms That Exposes Sensitive Personal Information

A recent rise in data breaches from illegal Chinese OTT platforms exposes that user...

Beware Of Zergeca Botnet with Advanced Scanning & Persistence Features

A new botnet named Zergeca has emerged, showcasing advanced capabilities that set it apart...

Mailcow Mail Server Vulnerability Let Attackers Execute Remote Code

Two critical vulnerabilities (CVE-2024-31204 and CVE-2024-30270) affecting Mailcow versions before 2024-04 allow attackers to...

Hackers Attacking Vaults, Buckets, And Secrets To Steal Data

Hackers target vaults, buckets, and secrets to access some of the most classified and...

Hackers Weaponizing Windows Shortcut Files for Phishing

LNK files, a shortcut file type in Windows OS, provide easy access to programs,...

New Highly Evasive SquidLoader Attacking Employees Mimic As Word Document

Researchers discovered a new malware loader named SquidLoader targeting Chinese organizations, which arrives as...
Guru baran
Guru baranhttps://gbhackers.com
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Free Webinar

API Vulnerability Scanning

71% of the internet traffic comes from APIs so APIs have become soft targets for hackers.Securing APIs is a simple workflow provided you find API specific vulnerabilities and protect them.In the upcoming webinar, join Vivek Gopalan, VP of Products at Indusface as he takes you through the fundamentals of API vulnerability scanning..
Key takeaways include:

  • Scan API endpoints for OWASP API Top 10 vulnerabilities
  • Perform API penetration testing for business logic vulnerabilities
  • Prioritize the most critical vulnerabilities with AcuRisQ
  • Workflow automation for this entire process

Related Articles