Nokia lost millions in Symbian source code ransom

Firm was attacked by hackers in 2008

Nokia paid millions of euros to blackmailers in 2008 in an attempt to claw back stolen source code from its Symbian mobile operating system, it has been revealed.

According to a report by Reuters, based on a Finnish TV news cast, the firm was approached by blackmailers who had an encryption key for the source code, and were demanding a ransom of millions.

Nokia did not confirm this to Reuters, and has not responded to V3's request for more information. However, detective chief inspector Tero Haapala told Reuters: "We are investigating felony blackmail, with Nokia the injured party."

Nokia responded to the demands with a plan to deliver the money to a drop-off point in a car park in Tampere, central Finland, with oversight from the police. The money was dropped off, but the police lost the suspects shortly after, claims the report.

Ransom demands are not uncommon. Only this week hackers threatened to release customer information from pizza chain Domino's. The hackers asked for €30,000, but it seems that a response, including suspending the hacking group's account from Twitter, ended the threat.

Earlier in June the UK's National Crime Agency (NCA) warned consumers and organisations about the GoZeus and Cryptolocker malware - which include a ransom-demanding payload - advising them not to yield to demands.

"While there is never a bad time to maximise your online security, and it is something we should all do regularly, acting now can provide unprecedented levels of protection from these types of malware," said Andy Archibald, deputy director of the NCA's National Cyber Crime Unit.

David Howorth, vice president of sales for Europe, the Middle East and Africa at Alert Logic, said: "I would advise any enterprise that finds itself in a situation where hackers are blackmailing it for a ransom to never pay it.

"Not only does this make that company a sitting duck for other hackers once word gets out that it ‘pays up', but - let's face it - these hackers have no ethical code of conduct. Once they have your sensitive information, it is safe to assume that the data is making its way to the black market, where it will be sold."