Former Fannie Mae Contractor Arrested for Planting Time Bomb Script
Category: Bugs / Virus
Posted: January 29, 2009 08:06PM
Author: Nemo
A former Unix contractor for the Federal National Mortgage Association (Fannie Mae) is now facing charges for embedding a malicious piece of code in an existing script that could have wreaked havoc on the mortgage firm's servers. According to federal officials, the contractor, Rajendrasinh Makwana, was terminated by Fannie Mae on October 24, although his system access rights were not removed until later that evening. Sometime between being fired and losing access, Makwana allegedly planted a malicious script, known as a 'time bomb', set to go off on January 31. The federal affidavit claims the Unix engineer embedded code at the bottom of another legitimate script that runs daily. An attempt was made to hide the code by inserting a page's worth of blank lines before the malicious code. Five days later, another Fannie Mae engineer stumbled upon the time bomb before it could do any damage. The script could have caused millions of dollars in damage and shut down operations for at least a week. The malicious code was particularly nasty in that it would have propagated itself across approximately 4,000 servers at Fannie Mae, where it would have deleted the root password, disabled all log-ins and alerts, and deleted all data by overwriting it with zeros. Finally, all 4,000 servers would have been powered down, forcing system administrators to physically access each machine to turn it back on.
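A defensive check for the hiding technique described above, as an added example that is not part of the original article: it flags scripts in which a long run of blank lines is followed by more code. The function name, the 20-line threshold and the sample script are assumptions constructed for illustration.

```python
import re

# A line counts as blank if it is empty or holds only whitespace.
BLANK = re.compile(r"^\s*$")


def find_padded_tails(text, min_gap=20):
    """Return (gap_start, gap_len, resume_line) for every run of at least
    min_gap blank lines that is followed by further non-blank content.
    Blank lines at the very end of a file are not reported, because
    nothing is hidden behind them."""
    findings = []
    gap_start = None
    for number, line in enumerate(text.splitlines(), start=1):
        if BLANK.match(line):
            if gap_start is None:
                gap_start = number          # first blank line of a run
            continue
        if gap_start is not None:           # a run just ended at real content
            gap_len = number - gap_start
            if gap_len >= min_gap:
                findings.append((gap_start, gap_len, number))
            gap_start = None
    return findings


# Constructed sample: a short daily job, then the same job with content
# appended after 60 blank lines (harmless placeholder command).
LEGIT = (
    "#!/bin/sh\n"
    "# daily report job (constructed sample)\n"
    "echo 'rotating reports'\n"
)
PADDED = LEGIT + "\n" * 60 + "echo 'appended after the gap'\n"

if __name__ == "__main__":
    for name, body in (("legit.sh", LEGIT), ("padded.sh", PADDED)):
        for start, length, resume in find_padded_tails(body):
            print(f"{name}: {length} blank lines from line {start}, "
                  f"content resumes at line {resume}")
```

Run over the scripts invoked by cron or other schedulers, a check like this complements file-integrity monitoring by pointing a reviewer at the exact line where the hidden tail begins.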




