Slashdot Mirror

← Back to Stories (view on slashdot.org)

Cops Set Up Extortion Sting On Symantec's Source Code Thieves

Posted by timothy on from the don't-worry-now-we're-telling-the-truth dept.

Sparrowvsrevolution writes "Hackers linked with Anonymous leaked another 1.26 gigabytes of Symantec's data Monday night, what they say is the source code company's PCAnywhere program. More interestingly, also posted a long private email conversation that seems to show a Symantec exec offering the hackers $50,000 to not leak the company's data and to publicly state they had lied about obtaining it. Symantec has responded by revealing that in fact, the $50,000 offer had been a ruse, and the 'Symantec exec' was actually a law enforcement agent trying to trace the hackers. It adds that all the information the hackers have released, including a 2006 version of Norton Internet Security, is outdated and poses no threat to the company or its customers. Symantec says the Anonymous hackers began attempting to extort money from the company in mid-January, and it responded by contacting law enforcement, though it won't comment on the results of the fake payoff sting while the investigation is still ongoing."

9 of 168 comments (clear)

  1. Amusing... by Omnifarious · · Score: 3, Interesting

    Of course, anybody who's dealt with Anonymous knows they will try to get you to promise to sell out your customers or otherwise act in a way that's in your interests and detrimental to the interests of everyone you claim to 'protect'. They've done this multiple times. If I were an Anonymous target I would never agree to such a scheme because all that would happen would be that the conversation be published to make me look bad.

    Of course, having it be a 'police sting operation' is a great way to make it look like you weren't really going to sell out your customers. And who knows, maybe it's even true. And maybe all that source code really is for 'old versions'.

    But, the really incriminating evidence would be if there were emails showing that Symantec has been sponsoring or encouraging virus writers in some way. And I'm certain if Anonymous had that kind of evidence that it would be out in the open by now. So that means they don't. And maybe Symantec isn't as much of a sleaze bag company as I expected them to be.

    --
    Need a Python, C++, Unix, Linux develop
    1. Re:Amusing... by Omnifarious · · Score: 2, Interesting

      As an aside, the only people who believe that Anonymous is after money are people who have already sold out their ethics. Generally a big part of their self-justification for having done so is that 'everybody does it', and so the idea that Anonymous is in it for anything but the money would induce major cognitive dissonance.

      The tactic of trying to get your target to believe you want to extort them is a fantastic tactic for discovering people who deserve the kind of publicity it generates when you publish their willingness (and oftentimes eagerness) to be extorted. Unfortunately, I think sometimes Anonymous tries a bit too hard at this and there have been a couple of people they really badgered about it who truly weren't interested in the deal.

      --
      Need a Python, C++, Unix, Linux develop
  2. should be public anyway by Dr.+Tom · · Score: 2, Interesting

    Security code should be open for review anyway, or it's probably full of bugs and worthless.

  3. Re:Cops set up FAILED exortion sting by Tsingi · · Score: 2, Interesting

    Aside from the fact that they did hack in and steal the code.

    It seems pretty obvious that the extortion was entrapment.

    Funny. Both Symantec and the cops have egg on their face on this one. Those guys better be well and truly anonymous because they have stirred the hornets nest.

  4. Re:1.26 Gig? by Opportunist · · Score: 4, Interesting

    Let's see... grinds system to a halt, hard if not impossible to remove short of a reinstall, gives you no information what it actually does, contacts its maker and downloads code after sending god knows what...

    Yep. The pattern matches.

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  5. Re:Cops set up FAILED exortion sting by iamhassi · · Score: 5, Interesting

    Why is Symantec acting like they fooled Anonymous? In the email it says "Say hi to FBI agents" and Symantec is like "We are not in contact with the FBI."

    Symantec fail.

    Title should be: Anonymous outsmarts Police, Symantec sting

    --
    my karma will be here long after I'm gone
  6. Re:Cops set up FAILED exortion sting by g0bshiTe · · Score: 4, Interesting

    I was more interested in the fact that Symantec is trying to make it look like Anonymous is into extortion, which from all reports has never been their goal.

    --
    I am Bennett Haselton! I am Bennett Haselton!
  7. Re:Cops set up FAILED exortion sting by tragedy · · Score: 2, Interesting

    If the source code was stolen for reasons other than extortion and the people who stole it are genuinely unlikely to commit extortion, then offering them money then turning around and claiming they're committing extortion is entrapment. Whether it is or isn't entrapment depends a lot on details that are currently secret, so all we can do is speculate.

  8. Re:That's not entrapment by tragedy · · Score: 3, Interesting

    It is a legitimate tactic to find them. Whether or not it's entrapment depends on whether or not they would be charged with extortion on top of the other crimes afterwards and, if they were, whether or not there was any evidence that they actually intended extortion before being offered money (likely they would have to prove that they didn't intend it rather than the prosecution proving they did).