Discover Yahoo! With Your Friends

Explore news, videos, and much more based on what your friends are reading and watching. Publish your own activity and retain full control.

To get started, first

YOUR FRIENDS' ACTIVITY

    As Hackers Leak Symantec's Source Code, Firm Says Cops Set Up Extortion Sting Operation

    By Andy Greenberg | Forbes – Tue, Feb 7, 2012

    Source code from the antivirus firm Symantec has been held hostage for the last month in a tense negotiation between the Anonymous hackers who stole that code and law enforcement agents who impersonated Symantec execs to set up a sting operation aimed at tracking down the data thieves. Now it seems the negotiations are over, and the hostage is dead.

    Hackers associated with the group Anonymous known as the Lords of Dharamaja leaked what appears to be another 1.27 gigabytes of source code from Symantec Monday night, what they claim is the source code of the Symantec program PCAnywhere. The leak comes as little surprise: Symantec had previously revealed that the hackers had obtained 2006 versions of that code along with other Symantec products from the same time period, and warned users of PCAnywhere to disable its functionality until they patched the program earlier this month.

    More interesting is another release from the same hackers: An email chain that shows what appears to be a Symantec staffer offering the hackers $50,000 to not release the code and to publicly state that they didn't possess it. "We can pay you $2,500 per month for the first three months," the email from someone at Symantec named Sam Thomas reads. "In exchange, you will make a public statement on behalf of your group that you lied about the hack (as you previously stated).   Once that's done, we will pay the rest of the $50,000 to your account and you can take it all out at once.  That should solve your problem."

    "You won't believe it but Symantec offered us money to keep quiet," a hacker from the group who uses the name YamaTough wrote on Twitter. "And quess what they couldn't make it over 50k for the whole range of their src shit, therefore the show starts as of tuday."

    In fact, Symantec says it never made any offer to meet the hackers' extortion demands. "Sam Thomas," Symantec spokesperson Cris Paden told me in an interview late Monday night, was the false name created by law enforcement agents who pretended to pursue the negotiations only to attempt to trace the hackers. The entire conversation had been a ruse.

    "Anonymous has been talking to law enforcement, not to us," Paden says. "No money was exchanged, and there was never going to be any money exchanged. It was all an effort to gather information for the investigation."

    The Lords of Dharamaja have publicly claimed since early January to have access to the source code from a range of Symantec products, and Symantec confirms the hackers leaked the source  code of the 2006 version of Norton Internet Security code on January 13. According to Paden, Symantec began to receive emails from the hackers a few days later, in which the group demanded money not to publish the portion of Symantec's source code it hadn't yet released.

    When they came to us with what was for all intents and purposes extortion, we went to law enforcement," says Paden. "From that point on, we turned over the investigation to them." Paden says he can't comment on which law enforcement agencies are involved, as the investigation is ongoing.

    Over the next weeks, the law enforcement agencies engaged in protracted negotiations with the hacker YamaTough, captured in the leaked email chain. At one point the agent pretending to represent Symantec offered $50,000 in small increments, but YamaTough insisted the fee be paid in one lump sum to its Liberty Reserve account, refusing to accept a PayPal transfer. At another point, YamaTough accused Symantec of working with the FBI to trace him, and Symantec denied they had contacted the FBI.

    Finally on February 6th, YamaTough seems to have grown impatient, and decided to post the code, which is now available on bittorrent.

    Symantec's Paden says that the company is still analyzing the leaked code, but that given that it was years out of date,  the company's recent patches for PCAnywhere should protect its customers. "We’re able to say with high confidence, any type of cyber attacks generated by this attack would have old characteristics and look like an attack from 2006 that can easily be stopped using current versions of our solutions," he says. "Our customers are protected." Meanwhile, Paden says he can't comment as to whether law enforcement's attempted sting operation yielded any success in tracking down the hackers, and he adds that the investigation into the theft of Symantec's code continues. "As to what happens next," he says. "We’re not really sure."

    Read the entire leaked email chain between the hacker YamaTough and the law enforcement agent pretending to be a Symantec exec here.

     

     

    15 comments

    • JP Tyson
      JP Tyson  •  3 mths ago
      Face it Symantec is outwitted
    • Joe
      Joe  •  Lenexa, Kansas  •  3 mths ago
      Why anyone would ever pay for Norton software is beyond me.
    • Kevin
      Kevin  •  Middelfart, Denmark  •  3 mths ago
      I think much of Symantec's source code is devoted to asking you if you want to renew your subscription. If you're not protecting nuclear launch codes, why would you pay for anti-virus software when you can get it for free? You shouldn't have your credit card or bank account numbers on your computer anyway so let the identify thieves try to steal your from your computer.
      • Jesus
        Jesus 3 mths ago
        So true, so true.. I hate it for that exact reason to.
      • bizaritrino
        bizaritrino 3 mths ago
        Way back in a former lifetime I used Norton Anti-virus. It was comical when it was getting close to renewal time how it suddenly started flagrantly "intercepting viral intrusion attempts." I put it in quotes because it was just such an obvious marketing ploy by Norton.
    • Earl
      Earl  •  Portland, Maine  •  3 mths ago
      Hopefully, maybe someone in anonymous can fix it for Symantec
    • Peanut
      Peanut  •  3 mths ago
      hackers 1, pigs Zero!!!
      • JP Tyson
        JP Tyson 3 mths ago
        We need more civil disobedience
      • Tom Triumph
        Tom Triumph 3 mths ago
        Peanut, next time you're geting raped, robbed or murdered call a hacker if you don't like law enforcement. I'm sure the hackers will protect you...
      • Keith
        Keith 3 mths ago
        Right Tom... When seconds count the cops are minutes away. The cops usually arrive after the fact, they don't protect you.
    • Tom Triumph
      Tom Triumph  •  3 mths ago
      Peanut, if you don't like cops, next time you're geting raped, robbed or murdered call a hacker to protect you ....
      • The Central Scrutinizer
        The Central Scrutinizer 3 mths ago
        Yeah, just like they helped the Powell kids...Cops are worthless. You want protection?? Buy a 9MM, and learn to use it.
    • Jake
      Jake  •  Oklahoma City, Oklahoma  •  3 mths ago
      anonymous really gave Occupy Wall Street a bad name. anonymous jumped into the Occupy movement like 4 months after it started world wide , Playing like they started the whole thing. You people from Anonymous are stupid retards . Get your own ideas Noobcakes , stop steeling .
    • Nony
      Nony  •  3 mths ago
      So... how'd that sting operation work out?
    • The Central Scrutinizer
      The Central Scrutinizer  •  Norwalk, Ohio  •  3 mths ago
      It is my opinion that these "anti-virus" software outfits are the ones who create a lot of these viruses, and then sell you the cure. Considering the amount of money involved, and the general state of corporate corruption, it wouldn't surprise me a bit.
    • Jesus
      Jesus  •  Benicia, California  •  3 mths ago
      I hate Norton.. All the crap that keeps popping up on your desktop. Its a very irritating Anti-Virus program that wont let you forget its running. AVG free is all you need, even if you download a lot from torrent sites.

      If you pay for Norton.. your a dumb dumb.
    • Nony
      Nony  •  3 mths ago
      Oh dear.
    • Shaman
      Shaman  •  Mountainside, New Jersey  •  3 mths ago
      I stopped using Norton years ago because it kept flagging itself as a virus - the nonstop ads for money and pop-ups must have been the tip off. After listening in on quite a few tech blogs and online discussions, I use Avast freeware, and could not be happier.
    • Tom Triumph
      Tom Triumph  •  3 mths ago
      Seems like Padin works for the hackers. Why else would he disclose everything about this to a journalist?
    • Doug
      Doug  •  Palmdale, California  •  3 mths ago
      This very simple:
      Life in Prison for any convicted hacker. These basement-dwelling zit-faced mama boys need to get real jobs and stop stealing other people's hard work, then pumping themselves up like they're actually important. Low life losers, all of them.
    • Aldwin
      Aldwin  •  3 mths ago
      Well, Thanks for letting us know Yahoo! I'm sure Anonymous appreciates the public heralding!
     Post a comment
    [ [ [['Connery is an experienced stuntman', 2]], 'http://yhoo.it/KeQd0p', '[Slideshow: See photos taken on the way down]', ' ', '630', ' ', ' ', ], [ [['Connery is an experienced stuntman', 7]], ' http://yhoo.it/KpUoHO', '[Slideshow: Death-defying daredevils]', ' ', '630', ' ', ' ', ], [ [['know that we have confidence in', 3]], 'http://yhoo.it/LqYjAX ', '[Related: The Secret Service guide to Cartagena]', ' ', '630', ' ', ' ', ], [ [['We picked up this other dog and', 5]], 'http://yhoo.it/JUSxvi', '[Related: 8 common dog fears, how to calm them]', ' ', '630', ' ', ' ', ], [ [['accused of running a fake hepatitis B', 5]], 'http://bit.ly/JnoJYN', '[Related: Did WH share raid details with filmmakers?]', ' ', '630', ' ', ' ', ], [ [['accused of running a fake hepatitis B', 3]], 'http://bit.ly/KoKiqJ', '[Factbox: AQAP, al-Qaeda in Yemen]', ' ', '630', ' ', ' ', ], [ [['have my contacts on or glasses', 3]], 'http://abcn.ws/KTE5AZ', '[Related: Should the murder charge be dropped?]', ' ', '630', ' ', ' ', ], [ [['have made this nation great as Sarah Palin', 5]], 'http://yhoo.it/JD7nlD', '[Related: Bristol Palin reality show debuts June 19]', ' ', '630', ' ', ' ', ], [ [['have made this nation great as Sarah Palin', 1]], 'http://bit.ly/JRPFRO', '[Related: McCain adviser who vetted Palin weighs in on VP race]', ' ', '630', ' ', ' ', ], [ [['A JetBlue flight from New York to Las Vegas', 3]], 'http://yhoo.it/GV9zpj', '[Related: View photos of the JetBlue plane in Amarillo]', ' ', '630', ' ', ' ', ], [ [['the 28-year-old neighborhood watchman who shot and killed', 15]], 'http://news.yahoo.com/photos/white-house-stays-out-of-teen-s-killing-slideshow/', 'Click image to see more photos', 'http://l.yimg.com/cv/ip/ap/default/120411/martinzimmermen.jpg', '630', ' ', 'AP', ], [ [['Titanic', 7]], 'http://news.yahoo.com/titanic-anniversary/', ' ', 'http://l.yimg.com/a/p/us/news/editorial/b/4e/b4e5ad9f00b5dfeeec2226d53e173569.jpeg', '550', ' ', ' ', ], [ [['He was in shock and still strapped to his seat', 6]], 'http://news.yahoo.com/photos/navy-jet-crashes-in-virginia-slideshow/', 'Click image to see more photos', 'http://l.yimg.com/cv/ip/ap/default/120406/jet_ap.jpg', '630', ' ', 'AP', ], [ [['xxxxxxxxxxxx', 11]], 'http://news.yahoo.com/photos/russian-grannies-win-bid-to-sing-at-eurovision-1331223625-slideshow/', 'Click image to see more photos', 'http://l.yimg.com/a/p/us/news/editorial/1/56/156d92f2760dcd3e75bcd649a8b85fcf.jpeg', '500', ' ', 'AP', ] ]
    [ [ [['did not go as far his colleague', 8]], '29438204', '0' ], [ [[' the 28-year-old neighborhood watchman who shot and killed', 4]], '28924649', '0' ], [ [['because I know God protects me', 14], ['Brian Snow was at a nearby credit union', 5]], '28811216', '0' ], [ [['The state news agency RIA-Novosti quoted Rosaviatsiya', 6]], '28805461', '0' ], [ [['measure all but certain to fail in the face of bipartisan', 4]], '28771014', '0' ], [ [['matter what you do in this case', 5]], '28759848', '0' ], [ [['presume laws are constitutional', 7]], '28747556', '0' ], [ [['has destroyed 15 to 25 houses', 7]], '28744868', '0' ], [ [['short answer is yes', 7]], '28746030', '0' ], [ [['opportunity to tell the real story', 7]], '28731764', '0' ], [ [['entirely respectable way to put off the searing constitutional controversy', 7]], '28723797', '0' ], [ [['point of my campaign is that big ideas matter', 9]], '28712293', '0' ], [ [['As the standoff dragged into a second day', 7]], '28687424', '0' ], [ [['French police stepped up the search', 17]], '28667224', '0' ], [ [['Seeking to elevate his candidacy back to a general', 8]], '28660934', '0' ], [ [['The tragic story of Trayvon Martin', 4]], '28647343', '0' ], [ [['Karzai will get a chance soon to express', 8]], '28630306', '0' ], [ [['powerful storms stretching', 8]], '28493546', '0' ], [ [['basic norm that death is private', 6]], '28413590', '0' ], [ [['songwriter also saw a surge in sales for her debut album', 6]], '28413590', '1', 'Watch music videos from Whitney Houston ', 'on Yahoo! Music', 'http://music.yahoo.com' ], [ [['keyword', 99999999999999999999999]], 'videoID', '1', 'overwrite-pre-description', 'overwrite-link-string', 'overwrite-link-url' ] ]

    News For You

    Loading...