[ISN] Hackers wanted $50,000 to keep Symantec source code private

[InfoSec News <alerts@xxxxxxxxxxxxxxx>]

http://news.cnet.com/8301-1009_3-57372308-83/hackers-wanted-$50000-to-keep-symantec-source-code-private/

By Steven Musil
CNET News
Security
February 6, 2012

As part of a sting operation, Symantec told a hacker group that it would 
pay $50,000 to keep the source code for some of the its flagship 
security products off the Internet, the company confirmed to CNET this 
evening.

An e-mail exchange revealing the extortion attempt posted to Pastebin 
(see below) today shows a purported Symantec employee named Sam Thomas 
negotiating payment with an individual named "Yamatough" to prevent the 
release of PCAnywhere and Norton Antivirus code. Yamatough is the 
Twitter identity of an individual or group that had previously 
threatened to release the source code for Norton Antivirus.

"We will pay you $50,000.00 USD total," Thomas said in an e-mail dated 
Thursday. "However, we need assurances that you are not going to release 
the code after payment. We will pay you $2,500 a month for the first 
three months. Payments start next week. After the first three months you 
have to convince us you have destroyed the code before we pay the 
balance. We are trusting you to keep your end of the bargain."

A Symantec representative confirmed for CNET the extortion attempt in 
this statement:

[...]


_____________________________________________________
Did a friend send you this article? Make it your
New Year's Resolution to subscribe to InfoSec News!
http://www.infosecnews.org/mailman/listinfo/isn