When hackers breached Symantec's security systems, the company was left in a bind. That's why they tried to offer $50,000 in exchange for their stolen code.
The hackers had taken source code from the company's PCAnywhere and Norton Antivirus software. The break-in was severe enough for the company to call for consumers to disable PCAnywhere last month.
After all, if the source code was made public hackers could try to expose vulnerabilities in Symantec software.
The company managed to get the situation under control. Late January they informed consumers that their software was safe to use.
But that doesn't mean there wasn't any back-and-forth between the company and the alleged thieves.
A month-long email exchange was posted online. It detailed the correspondence between a person named "Yamatough" and a fake Symantec employee named "Sam Thomas," according to Ars Technica.
The "Sam Thomas" pseudonym was a false account set up by a law enforcement agency. The company declined to identify which agency was involved. But the company was quick to assert that they never actually paid off the hackers. They simply offered up the money.
Yet no funds ever changed hands. The email exchange documents this. In one, the hacker rejected Symantec's $50,000 offer because the group couldn't agree to the company's conditions.
The end result: Symantec was not really able to secure their code. Yet it's unclear if that is necessary. If they truly fixed the breaches that could be caused by the data leak, then consumers wouldn't be at risk. However, the fact that hackers tried to extort Symantec for the code could be a sign. The digital world is becoming much less secure.
- Hackers sought $50,000 from Symantec for anti-virus blueprint (Reuters)
- Is The Hacker World Targeting Your Law Firm? (FindLaw's Technologist)
- Hotspots Can Be Black Holes of Hacking Danger (FindLaw's Technologist)