Computer security firm Symantec extorted by hackers

Feb 07, 2012
Computer security firm Symantec on Tuesday confirmed it tried to turn the tables on hackers who threatened to release stolen source code if a demand for $50,000 was not met.

An email exchange posted online at pastebin.com revealed how negotiated with "Yamatough," a supposed affiliate of Anonymous, to pay an extortion demand.

"The communications with the person(s) attempting to extort the payment from Symantec were part of the law enforcement investigation," the firm said in a released statement.

"Given that the investigation is still ongoing, we are not going to disclose the involved and have no additional information to provide."

No money ever changed hands.

Symantec recommended in January that users of its pcAnywhere software disable the product following the theft of source code from the California-based firm.

Symantec subsequently said that the latest release of the software is defended from attack and released an upgrade to protect older versions.

Symantec, in a technical white paper posted in January on the firm's website, said the vulnerability to pcAnywhere, which allows for remote PC to PC connections, was the result of a 2006 theft of source code by hackers.

"We believe that source code for the 2006-era versions of the following products was exposed: Norton Antivirus Corporate Edition; Norton Internet Security; Norton SystemWorks (Norton Utilities and Norton GoBack); and pcAnywhere," Symantec said.

The only identified threat, however, was to pcAnywhere and not any of the Norton products.

User comments : 16

JRDarby
3.9 / 5 (7) Feb 07, 2012
The PhysOrg article misrepresents the situation. Symantec's offer for $50,000 to not publish the source code was a sting operation conducted entirely by US federal authorities.

Furthermore, Yamatough is a member of the Lords of Dharmaraja, a group unaffiliated with Anonymous. See http://en.wikiped...armaraja

The only connection Anonymous has to this incident, as far as I can tell, is publication and distribution, mostly through retweets, of the source code. Note also that Anonymous is decentralized, and you can't firmly say anyone is or isn't Anonymous. It is more accurate to say that "people associated with the Anonymous movement" distributed the code rather than that Anonymous per se did.
Argiod
1 / 5 (5) Feb 07, 2012
Despite all statements by Symantec that they have fixed the problem; there remains the fact that someone hacked their systems. This puts their software to task to prove it works. Just how good could their software be if hackers can get into Symantec's system? It will be a long, cold day in Hades before I will trust anything from Peter Norton and his gang.
TehDog
not rated yet Feb 07, 2012
Much more detail here, well worth a read :-
http://www.thereg...anigans/
Vendicar_Decarian
1 / 5 (5) Feb 07, 2012
Symantec will probably not survive this.

Good.
350
3.7 / 5 (3) Feb 07, 2012
Symantec systems were not hacked. A third party working with them was. I don't see this bringing down the company either and such claims are obviously based purely on some emotional bias.
Eric_B
5 / 5 (1) Feb 08, 2012
"such claims are obviously based purely on some emotional bias." as are stock values, values based upon perception of value.
Jayded
not rated yet Feb 08, 2012
dudes you are all stoned. 90% of the world has absolutely no idea what you or Symantec are even talking about. Most Norton users have no idea anything was hacked by anyone and likely will still continue to happily purchase the exorbitant product.
Ethelred
3 / 5 (2) Feb 08, 2012
"It will be a long, cold day in Hades before I will trust anything from Peter Norton and his gang."
SO then you will continue to buy from Symantec?

You are quite thoroughly ignorant on this. Peter was bought out over a decade ago.

This hack took place 6 years ago. Before Symantec figured out, perhaps this is one reason why, they needed to get off their coasting asses and completely overhaul most of the Norton product line.

Every one of the products mentioned has either been dumped, Goback, or completely rewritten, Norton AV, EXCEPT PC Anywhere and even that seems to have only needed a small update though I think they should rewrite it from scratch as it is very old by internet standards.

Ethelred
evropej
1 / 5 (2) Feb 08, 2012
Too funny. I think that company is a joke. Their products are the classic example of horrible programming practices. They are the only company that I know of which produce an antivirus software which detects its own executables as a virus. How freakin hilarious is that? Some older versions would detect a virus just by name alone. Try typing the word keygen on any executable and see what happens lol. I wonder if this is the only time their code got stolen?
jamesrm
not rated yet Feb 08, 2012
What a wonderful way to push sales of new products?
krundoloss
not rated yet Feb 08, 2012
So far I haven't seen any antivirus product that actually has the balls to detect malware or prevent a rootkit. Malware is much much worse than viruses and much more widespread, yet Antivirus companies seem to ignore them or have little add on malware protection. It's kinda sad really.
Ethelred
3 / 5 (2) Feb 11, 2012
"They are the only company that I know of which produce an antivirus software which detects its own executables as a virus. How freakin hilarious is that?"
Almost as hilarious as that claim. When did you last try it? I have tried it every year since 2008 and never seen that happen. I try about a dozen AVs a year. One every thirty days or so.

Have Comodo at the moment and will try Norton 360 6.0 next.

"Some older versions would detect a virus just by name alone."
Never with Norton but I did see Trend Micro do that with an empty folder labeled password cracker. It doesn't do that anymore.

"I wonder if this is the only time their code got stolen?"
It is completely dead code for the AV. They have new employees and completely rewrote the whole thing since 2006.

Try it. You might find you like it. I like Norton, Eset, Kaspersky, the Comodo I am using was a little aggressive about geek tools, I can't recommend it for geeks.

Ethelred
Ethelred
3 / 5 (2) Feb 11, 2012
"So far I haven't seen any antivirus product that actually has the balls to detect malware or prevent a rootkit."
What the hell have you been trying?

Damn near all will do that. Have you been depending on AVG free? THAT doesn't do rootkits and I hear different things about malware but the pay version does both.

"Malware is much much worse than viruses and much more widespread, yet Antivirus companies seem to ignore them or have little add on malware protection. It's kinda sad really."
They do detect it. You have been downloading zero day stuff. Even that is detected by most these days. Most of the time. Nothing catches everything.

If you don't know what it is don't run it till your AV has had a week to catch up or at least a day or three. Most AVs now check unknown executables via a hash file and a server database of new files. If they don't know what it is, don't run it except in a VM.
Ethelred
3 / 5 (2) Feb 11, 2012
Kaspersky and others have a sandbox you can use to test unknowns. Comodo was doing that with some video I have and about all I can say is the sandbox blocked the functioning to the point the programs wouldn't even start. They need to work on that.

Tools you can use to help if you screw up again.

Revo Uninstaller. It has a cool hunter mode that lets you move a square box over the malware or anything else, window and it will find the program.

Unlocker - can help remove locked files.

Malwarebytes is supposed to be good at getting stuff out. I have never needed it.

Norton, Kaspersky, Bitdefender, Panda all have a bootable disc in the box. Eset and several others have downloadable rescue disks. A live Linux disc such as Ubuntu can be used to replace or remove known nasties.

Ethelred
migbasher
not rated yet Feb 12, 2012
Norton products have always been a joke, taking up heaps of ram, almost useless scanning methods. It was only a matter of time before something such as this, would happen in my opinion. Symantec looks no different now, ignorant people will still pay them.
Ethelred
3 / 5 (2) Feb 13, 2012
"Norton products have always been a joke,"
Past tense.

"taking up heaps of ram"
Uses less than 10 megs these days when you are using the PC.

"almost useless scanning methods."
OK that is just ignorant. It earned a score of Advanced overall in the latest AV-Comparatives test which is not the best but is more than adequate for a product that uses a quarter of the RAM that Eset does and is better at zero day.

"It was only a matter of time before something such as this, would happen in my opinion."
The time was 2006. Your opinion is based on ignorance of the present.

"Symantec looks no different now, ignorant people will still pay them."
I don't pay them. I just test it. It's pretty good. If I was going to pay, it is one that I might pay for. The only other that I would, at the moment, is Eset and it had a nasty habit of missing zero day malware in version 4. It should be better in version 5.

Ethelred
