Cloud engineer gets 2 years for wiping ex-employer’s code repos

Trending 2 months ago

Hacker

Miklos Daniel Brody, a unreality engineer, was sentenced to 2 years successful situation and a restitution of $529,000 for wiping nan codification repositories of his erstwhile employer successful retaliation for being fired by nan company. 

First Republic Bank was a commercialized slope successful nan U.S., employing complete 7 1000 group and having an yearly gross of $6.75 billion. The slope closed connected May 1, 2023, and was sold to JPMorgan Chase.

According to nan U.S. Department of Justice (DoJ) announcement, Brody was fired connected March 11, 2020, from First Republic Bank (FRB) successful San Francisco, wherever he worked arsenic a unreality engineer.

The court documents state that Brody's employment was terminated aft he violated institution policies by connecting a USB thrust containing pornography to institution computers.

Following his dismissal, Brody allegedly refused to return his activity laptop and alternatively utilized his still-valid relationship to entree nan bank's machine web and origin damages estimated to beryllium supra $220,000

"Among different things, Brody deleted nan bank's codification repositories, ran a malicious book to delete logs, near taunts wrong nan bank's codification for erstwhile colleagues, and impersonated different slope labor by opening sessions successful their names," describes the U.S. DOJ announcement.

"He besides emailed himself proprietary slope codification that he had worked connected arsenic an employee, which was weighted astatine complete $5,000."

Until his entree to FRB's web was yet terminated connected March 12, 2020, Brody had performed nan pursuing actions:

  • Ran a malicious book named "dar.sh" to swipe FRB's servers
  • Deleted git logs and git perpetrate history for nan peculiar script
  • Accessed FRB's GitHub repository and deleted nan hosted code
  • Inserted 'taunts' successful nan code, including references to "grok"
  • Impersonated different unreality technologist astatine FRB to entree nan firm's web and make configuration changes

After nan incident, Brody falsely reported to nan San Francisco Police Department that nan FRB-issued laptop had been stolen from his car.

He continued to uphold this communicative erstwhile interviewed by United States Secret Service agents pursuing his apprehension successful March 2021.

Eventually, successful April 2023, Brody pleaded blameworthy to lying astir nan laptop and to 2 charges concerning usurpation of nan Computer Fraud and Abuse Act.

In summation to nan two-year situation word and nan costs of nan restitution, Brody will service 3 years of supervised release.