HBO Offers Hackers $250,000 'bug bounty'

HBO reportedly offered $250,000 (£193,000), under the guise of a “bug bounty”, to the group that hacked its servers, according to a screenshot of the conversation released by the attackers.

A senior vice president of the company made the offer on 27 July, phrasing the payment as a reward for discovering weaknesses in HBO’s network rather than acceding to ransom demands.

There is no way to verify the authenticity of the email, or whether it has been altered, but it was shared with some outlets through the same email address that the attackers had previously used to leak stolen data.

In the message, the executive says HBO has “been working hard since Sunday evening [23 July] to review all of the material that you have made available to us. We simply have not yet been able to do so”.

The executive continues: “You have the advantage of having surprised us. In the spirit of professional cooperation, we are asking you to extend your deadline for one week.

“As a show of good faith on our side, we are willing to commit to making a bug bounty payment of $250,000 to you as soon as we can establish the necessary account and acquire bitcoin.”

The offer may have been an attempt to stall for time, rather than a genuine proposal of payment. HBO disclosed the hack four days after the bug bounty payment was offered, telling the public that it had experienced a “cyber-incident, which resulted in the compromise of proprietary information”.

A script for Game of Thrones, and two unreleased episodes of dramas Ballers and Room 104, were put online the same day. A week after the payment offer, on 3 August, the attackers sent out more evidence of hacked materials, and claimed to have access to the company’s entire webmail system, a claim denied by HBO.

The hackers later released the personal details of some Game of Thrones actors, including email addresses and phone numbers, plus some HBO emails and confidential files, along with a renewed demand for a multimillion-dollar ransom.

Bug bounty payments are a common occurrence in cybersecurity, designed to encourage third parties to discover and report weaknesses found in security systems so they can be fixed, rather than sell the information to would-be attackers.

But it is uncommon for them to be paid following the active exploitation of a bug to steal substantial quantities of data, and extremely uncommon for them to be paid to attackers who deliver payment demands in the form of a video of scrolling text set to dramatic music, asking for a payment of “six months’ salary”, or $6m, as the HBO attackers did.

At least one Hollywood hack victim has paid the ransom demanded by attackers, according to the Hollywood Reporter. But most victims refuse to talk about the ransom requests, fearing that admitting they paid will make them a target for future attacks.

Guardian:
