Hacker blackmails Symantec in attempt to get hands on $50,000


Hacker blackmails Symantec in attempt to get hands on $50,000

Simon Quicke
An insight into the murky world of hacking and corporate extortion have emerged as a result of the details of a blackmail plot against Symantec being made public.

The vendor, which is itself a security specialist, found itself facing a $50,000 ransom demand last month unless it paid a hacker that was threatening to compromise the codes to some of its main products.

Law enforcement agencies handled the case pretending to represent the vendor in a sting operation with the hacker YamaTough. The details of their email exchanges became public yesterday.

YamaTough made the threat to release the code of PCAnywhere and Norton Antivirus and was drawn out into negotiations with the vendor's representative Sam Thomas over payments that would be made in installments but total $50,000. The money was only to be paid on condition the code was destroyed.

The tone of the emails, posted to Pastebin, indicated that the vendor was being threatened with the prospect of its code bluprints being made public, but it played for time arguing it could not just pay out $50k in a single transaction.

"Since no code yet being released and our email communication wasn't also released we give you 10 minutes to decide which way you go after that two of your codes fly to the moon PCAnywhere and Norton Antivirus totaling 2350MB in size (rar)  10 minutes if no reply from you we consider it a START this time we've made mirrors so it will be hard for you to get rid of  it," emailed YamaTough.

"We can't pay you $50,000 at once for the reasons we discussed previously," said one reply from the the alleged Symantec employee Thomas, who said it would pay but in smaller amounts over several months.

Although no money was exchanged, and in reports on Reuters the hacker claimed the motive was humiliation for Symantec rather than to get the cash, the case has highlighted the real dangers firms face having their intellectual property compromised.

Join the conversation Comment



    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.