Symantec dobbed in hacker during extortion attempt

Powered by SC Magazine
 

Police investigation continues.

hacker was kept talking while Symantec contacted law enforcement during an extortion attempt last month.

YamaTough demanded $US50,000 ($A46,683) from Symantec to destroy stolen Symantec source code and make a public statement denying that he/she stole the data.

A string of emails posted to pastebin by the hacker revealed the exchange between a purported Symantec employee and YamaTough.

Symantec’s US headquarters said the exchange was part of a coordinated investigation with law enforcement to catch the extortionist.

The Gmail address used to contact the hacker was established and run by police, Symantec said.

“Anonymous actually reached out to us, first, saying that if we provided them with money, they would not post any more source code. At that point, given that it was a clear cut case of extortion, we contacted law enforcement and turned the investigation over to them."

"All subsequent communications were actually between Anonymous and law enforcement agents – not Symantec. This was all part of their investigative techniques for these types of incidents.”

Symantec said it could not comment further because the police investigation was ongoing.

“We are not going to disclose the law enforcement agencies involved and have no additional information to provide.”

In the leaked email conversation, Symantec appeared to offer to wire the hacker $US1000 ($A933) as “a sign of good faith”, and pay the remaining $US50,000 in $US2500 ($A2333) installments.

Symantec told YamaTough it could not wire the entire amount at once and promised to pay in installments so the hacker wouldn't publish the source code after being paid.

The hacker was promised that Symantec was “not in contact with the FBI” and that for the company, “protecting our company and property are our top priorities”.

“We can't pay you $50,000 at once for the reasons we discussed previously. We can pay you $2,500 per month for the first three months.

"In exchange, you will make a public statement on behalf of your group that you lied about the hack (as you previously stated). Once that's done, we will pay the rest of the $50,000 to your account and you can take it all out at once. That should solve your problem.

"Obviously you still have our code so if we don't follow through you still have the upper hand. “

The hacker claimed to have stolen the source code from Indian Government agencies in order to undermine the state.

He told SC Magazine that he extorted Symantec to damage the company and did not intend to keep the money.

In an interview with InfoSec Island, YamaTough apologised to Symantec and said the theft was collateral damage. Motives appear to have shifted.

Copyright © SC Magazine, Australia


Symantec dobbed in hacker during extortion attempt
Tags
 
 
 
Top Stories
Westpac interim CIO resigns
Group CIO yet to be appointed.
 
Five emerging technologies that will transform financial services
[Blog post] Far out ideas that aren't far off.
 
Earning the right to innovate
Breaking down the barriers to innovation is a long, but rewarding process, says Bank of Queensland Group CIO, Julie Bale.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
What is delaying adoption of public cloud in your organisation?







   |   View results
Lock-in concerns
  27%
 
Application integration concerns
  3%
 
Security and compliance concerns
  28%
 
Unreliable network infrastructure
  9%
 
Data sovereignty concerns
  22%
 
Lack of stakeholder support
  3%
 
Protecting on-premise IT jobs
  4%
 
Difficulty transitioning CapEx budget into OpEx
  3%
TOTAL VOTES: 934

Vote