Computer security firm Symantec extorted by hackers

Feb 07, 2012
Computer security firm Symantec on Tuesday confirmed it tried to turn the tables on hackers who threatened to release stolen source code if a demand for $50,000 was not met.

An email exchange posted online at pastebin.com revealed how negotiated with "Yamatough," a supposed affiliate of Anonymous, to pay an extortion demand.

"The communications with the person(s) attempting to extort the payment from Symantec were part of the law enforcement investigation," the firm said in a released statement.

"Given that the investigation is still ongoing, we are not going to disclose the involved and have no additional information to provide."

No money ever changed hands.

Symantec recommended in January that users of its pcAnywhere software disable the product following the theft of source code from the California-based .

Symantec subsequently said that the latest release of the software is defended from attack and released an upgrade to protect older versions.

Symantec, in a technical white paper posted in January on the firm's website, said the vulnerability to pcAnywhere, which allows for remote PC to PC connections, was the result of a 2006 theft of source code by hackers.

"We believe that source code for the 2006-era versions of the following products was exposed: Norton Antivirus Corporate Edition; Norton Internet Security; Norton SystemWorks (Norton Utilities and Norton GoBack); and pcAnywhere," Symantec said.

The only identified threat, however, was to pcAnywhere and not any of the Norton products.

User comments : 16

JRDarby
3.9 / 5 (7) Feb 07, 2012
The PhysOrg article misrepresents the situation. Symantec's offer for $50,000 to not publish the source code was a sting operation conducted entirely by US federal authorities.

Furthermore, Yamatough is a member of the Lords of Dharmaraja, a group unaffiliated with Anonymous. See http://en.wikiped...armaraja

The only connection Anonymous has to this incident, as far as I can tell, is publication and distribution, mostly through retweets, of the source code. Note also that Anonymous is decentralized, and you can't firmly say anyone is or isn't Anonymous. It is more accurate to say that "people associated with the Anonymous movement" distributed the code rather than that Anonymous per se did.
Argiod
1 / 5 (3) Feb 07, 2012
Despite all statements by Symantec that they have fixed the problem; there remains the fact that someone hacked their systems. This puts their software to task to prove it works. Just how good could their software be if hackers can get into Symantec's system? It will be a long, cold day in Hades before I will trust anything from Peter Norton and his gang.
TehDog
not rated yet Feb 07, 2012
Much more detail here, well worth a read :-
http://www.thereg...anigans/
Vendicar_Decarian
1 / 5 (5) Feb 07, 2012
Symantec will probably not survive this.

Good.
350
5 / 5 (2) Feb 07, 2012
Symantec systems were not hacked. A third party working with them was. I don't see this bringing down the company either and such claims are obviously based purely on some emotional bias.
Eric_B
5 / 5 (1) Feb 08, 2012
"such claims are obviously based purely on some emotional bias." as are stock values, values based upon perception of value.
Jayded
not rated yet Feb 08, 2012
dudes you are all stoned. 90% of the world has absolutely no idea what you or Symantec are even talking about. Most Norton users have no idea anything was hacked by anyone and likely will still continue to happily purchase the exorbitant product.
Ethelred
5 / 5 (1) Feb 08, 2012
"It will be a long, cold day in Hades before I will trust anything from Peter Norton and his gang."
SO then you will continue to buy from Symantec?

You are quite thoroughly ignorant on this. Peter was bought out over a decade ago.

This hack took place 6 years ago. Before Symantec figured out, perhaps this is one reason why, they needed to get off their coasting asses and completely overhaul most of the Norton product line.

Every one of the products mentioned has either been dumped, Goback, or completely rewritten, Norton AV, EXCEPT PC Anywhere and even that seems to have only needed a small update though I think they should rewrite it from scratch as it is very old by internet standards.

Ethelred
evropej
1 / 5 (1) Feb 08, 2012
Too funny. I think that company is a joke. Their products are the classic example of horrible programming practices. They are the only company that I know of which produce an antivirus software which detects its own executables as a virus. How freakin hilarious is that? Some older versions would detect a virus just by name alone. Try typing the word keygen on any executable and see what happens lol. I wonder if this is the only time their code got stolen?
jamesrm
not rated yet Feb 08, 2012
What a wonderful way to push sales of new products?
krundoloss
not rated yet Feb 08, 2012
So far I haven't seen any antivirus product that actually has the balls to detect malware or prevent a rootkit. Malware is much much worse than viruses and much more widespread, yet Antivirus companies seem to ignore them or have little add on malware protection. It's kinda sad really.
Ethelred
5 / 5 (1) Feb 11, 2012
"They are the only company that I know of which produce an antivirus software which detects its own executables as a virus. How freakin hilarious is that?"
Almost as hilarious as that claim. When did you last try it? I have tried it every year since 2008 and never seen that happen. I try about a dozen AVs a year. One every thirty days or so.

Have Comodo at the moment and will try Norton 360 6.0 next.

"Some older versions would detect a virus just by name alone."
Never with Norton but I did see Trend Micro do that with an empty folder labeled password cracker. It doesn't do that anymore.

"I wonder if this is the only time their code got stolen?"
It is completely dead code for the AV. They have new employees and completely rewrote the whole thing since 2006.

Try it. You might find you like it. I like Norton, Eset, Kaspersky, the Comodo I am using was a little aggressive about geek tools, I can't recommend it for geeks.

Ethelred
Ethelred
5 / 5 (1) Feb 11, 2012
"So far I haven't seen any antivirus product that actually has the balls to detect malware or prevent a rootkit."
What the hell have you been trying?

Damn near all will do that. Have you been depending on AVG free? THAT doesn't do rootkits and I hear different things about malware but the pay version does both.

"Malware is much much worse than viruses and much more widespread, yet Antivirus companies seem to ignore them or have little add on malware protection. It's kinda sad really."
They do detect it. You have been downloading zero day stuff. Even that is detected by most these days. Most of the time. Nothing catches everything.

If you don't know what it is don't run it till your AV has had a week to catch up or at least a day or three. Most AVs now check unknown executables via a hash file and a server database of new files. If they don't know what it is don't run it except in a VM.
Ethelred
5 / 5 (1) Feb 11, 2012
Kaspersky and others have a sandbox you can use to test unknowns. Comodo was doing that with some video I have and about all I can say is the sandbox blocked the functioning to the point the programs wouldn't even start. They need to work on that.

Tools you can use to help if you screw up again.

Revo Uninstaller. It has a cool hunter mode that lets you move a square box over the malware or anything else, window and it will find the program.

Unlocker - can help remove locked files.

Malwarebytes is supposed to be good at getting stuff out. I have never needed it.

Norton, Kaspersky, Bitdefender, Panda all have a bootable disc in the box. Eset and several others have downloadable rescue disks. A live Linux disc such as Ubuntu can be used to replace or remove known nasties.

Ethelred
migbasher
not rated yet Feb 12, 2012
Norton products have always been a joke, taking up heaps of ram, almost useless scanning methods. It was only a matter of time before something such as this, would happen in my opinion. Symantec looks no different now, ignorant people will still pay them.
Ethelred
5 / 5 (1) Feb 13, 2012
"Norton products have always been a joke,"
Past tense.

"taking up heaps of ram"
Uses less than 10 megs these days when you are using the PC.

"almost useless scanning methods."
OK that is just ignorant. It earned a score of Advanced overall in the latest AV-Comparatives test which is not the best but is more than adequate for a product that uses a quarter of the RAM that Eset does and is better at zero day.

"It was only a matter of time before something such as this, would happen in my opinion."
The time was 2006. Your opinion is based on ignorance of the present.

"Symantec looks no different now, ignorant people will still pay them."
I don't pay them. I just test it. It's pretty good. If I was going to pay, it is one that I might pay for. The only other that I would, at the moment, is Eset and it had a nasty habit of missing zero day malware in version 4. It should be better in version 5.

Ethelred
