Fannie Mae IT contractor indicted for planting malware bomb

Fannie Mae IT contractor indicted for planting malware bomb

A computer programmer fired by Fannie Mae has been indicted for planting a malicious script on the US mortgage firm's servers designed to spread throughout its entire PC network and destroy all data.

Rajendrasinh Babubhai Makwana, 35, from Virginia, was indicted by a federal grand jury on Wednesday on a count of computer intrusion.

Makwana worked as a contract employee at Fannie Mae's Urbana, Maryland data centre for nearly three years as part of a group that created computer scripts and had access to the company's 4000 servers throughout the country.

According to an affidavit from FBI special agent, Jessica Nye, his contract was terminated on 24 October, 2008, after he erroneously created a computer script that changed the settings on the Unix servers without authorisation.

On the day he was fired, Makwana was told to hand over his Fannie Mae equipment, including his laptop. However his computer access was not terminated until late that evening.

Makwana is accused of using this time to embed a malicious script at the bottom of a pre-existing, legitimate one that runs every morning.

The script was intended to remain dormant for three months before executing on 31 January 2009, when it would block Fannie Mae's monitoring system and disable all server log-ins. The script would also remove the root password appliance access to the servers before wiping out all of the data and replacing it with zeros.

The script would finally power off all the servers, meaning they could not be remotely turned back on.

"Had this malicious script executed, ABC [Fannie Mae] engineers expect it would have caused millions of dollars of damage and reduced if not shutdown operations at ABC for at least one week," says Nye's affidavit.

However, the script did not execute because a Unix engineer spotted it by chance five days after it had been planted. The legitimate and malicious scripts were removed that day and a standard lock down of all access to the servers was ordered.

Makwana is scheduled to be arraigned today and faces a maximum sentence of 10 years in prison if found guilty.

Comments: (0)