Symantec offered hacker $50,000 for stolen source code

Leeky

Leeky

Posts: 3,357   +116

Anonymous released email exchanges between a member and Symantec yesterday, revealing that the security firm offered them $50,000 in exchange for destroying the source code of pcAnywhere and Norton Antivirus tools, believed to have been obtained by hackers after breaking into servers of the Indian Military Intelligence in 2006.

The deal fell through after extended discussions about payment through Liberty Reserve bank in Costa Rica and issues with receiving the proof of code they requested. The source code for Symantec’s pcAnywhere has now been released through Pirate Bay.

The email communications published on Pastebin by Anonymous detail a Symantec employee, Sam Thomas, negotiating with YamaTough under the umbrella of Anonymous out of a Venezuelan email address last month. In them the security company offered the hacker substantial money to not release the code, and state they never publicly had it.

"We will pay you $50,000.00 USD total," the email from Sam Thomas read. "However, we need assurances that you are not going to release the code after payment. We will pay you $2,500 a month for the first three months. Payments start next week. After the first three months you have to convince us you have destroyed the code before we pay the balance. We are trusting you to keep your end of the bargain."

A Symantec spokesperson released a statement via email to CNet last night with their side of the story:

"In January, an individual claiming to be part of the Anonymous group attempted to extort a payment from Symantec in exchange for not publicly posting stolen Symantec source code they claimed to have in their possession […] Symantec conducted an internal investigation into this incident and also contacted law enforcement given the attempted extortion and apparent theft of intellectual property. The communications with the person(s) attempting to extort the payment from Symantec were part of the law enforcement investigation. Given that the investigation is still ongoing, we are not going to disclose the law enforcement agencies involved and have no additional information to provide."

In an interview with Forbes, Symantec spokesperson Cris Paden stated that the employee in the emails was in fact a law enforcement agent, who was pretending to pursue the negotiation in order to trace the hacker. "No money was exchanged, and there was never going to be any money exchanged. It was all an effort to gather information for the investigation," Paden said.

Symantec released an update to its pcAnywhere software on January 30, after previously advising customers not to use it until the patch had been released. The firm has stated that due to the age of the source code, it poses no real threat to customers even if the full blueprint is released.

Permalink to story.

https://www.techspot.com/news/47344-symantec-offered-hacker-50000-for-stolen-source-code.html

 
If the source code is so old that is poses no real threat, why are they telling customers not to use pcAnywhere until a patch has been released?
 
I wouldn't be surprised if Symantec weren't theoretically willing to make such an offer (that's the salary of the guy who's going to have to write the new source code), but I find it extremely hard to believe that a tech security company would ever trust all copies of something to be destroyed in such a manner.
 
Anon keeps falling for this stuff. Maybe they wouldn't fall into so many holes if they weren't so cocky, or if they were older than 15..
 
If Anonymous made sense... they wouldnt do **** like this. This just goes to show that Anonymous... is just anonymous. Just a bunch of people claiming to be this "Anonymous." If they are against SOPA, and all that jazz, why use Pirate Bay or the like to publish this source code? This just gives me a stronger feeling to support SOPA and have the Pirate Bay shut down, because god knows that people who write viruses need Norton's source code, no matter how old it is, it's still going to be useful to the countless number of people who write viruses/trojans/malware, because you should know... that about 65 percent (just a guess) of the people that have that software installed, have no freaking clue whats going on.
 
put your source code on a flash drive and unplug it, jesus. MY SOURCE CODE WAS HACKED. put it on a flash drive and unplug it on put it on your desk and this wont happen. so hard to do people.
 
Mindwraith said:
Anon keeps falling for this stuff. Maybe they wouldn't fall into so many holes if they weren't so cocky, or if they were older than 15..
Click to expand...

I couldn't have said it better myself :D
 
@trillionsin

Thats the point. The ORIGINAL purpose of Anonymous is that they dont exist. By having a fake hacker group known as Anonymous, people will continue to pursue this group. team poison, jester, ccc, lulzsec (or whats left) will just go in as anonymous and do whatever they want. Anonymous is just a farce and the people pretending to be behind it are usually no real threat.

i cite myself that this was the original purpose
 
someone13 at 2012-02-07 15:26 CET:
what can we do after we have the source code?

I lol'd
 
trillionsin said:
If Anonymous made sense... they wouldnt do **** like this. This just goes to show that Anonymous... is just anonymous. Just a bunch of people claiming to be this "Anonymous." If they are against SOPA, and all that jazz, why use Pirate Bay or the like to publish this source code? This just gives me a stronger feeling to support SOPA and have the Pirate Bay shut down, because god knows that people who write viruses need Norton's source code, no matter how old it is, it's still going to be useful to the countless number of people who write viruses/trojans/malware, because you should know... that about 65 percent (just a guess) of the people that have that software installed, have no freaking clue whats going on.
Click to expand...

If you think that shutting down tPB would provide any noticeable barrier to something like this, you're living in a dream world. Someone that possesses enough know-how to abscond with AV source code sure as hell knows how to move files across the web without a damn torrent tracker. The same is true of anyone that could actually use that code in any meaningful way. You are essentially advocating wasting a bunch of government funding to accomplish nothing whatsoever. (Granted, that's par for the course with the feds these days.)
 
Wendig0 said:
Mindwraith said:
Anon keeps falling for this stuff. Maybe they wouldn't fall into so many holes if they weren't so cocky, or if they were older than 15..
Click to expand...

I couldn't have said it better myself :D
Click to expand...
And yet can still do more with their fingers on a keyboard than you will accomplish in your entire life - makes you mighty depressed to think how waste our lives are…
 
You must log in or register to reply here.

Similar threads

A
Russian state-sponsored hackers compromised Microsoft source code repositories
Replies
16
Views
390
ZedRM
ZedRM
Cal Jeffrey
Ransomware group scams its partner out of a share of $22 million by faking an FBI takedown
Replies
6
Views
254
ZedRM
ZedRM
A
Mercedes-Benz accidentally shared its source code and business secrets with the whole...
Replies
11
Views
320
toooooot
T

Latest posts

Back