YamaTough, the hacker, released the source codes for Symantec pcAnywhere program on the Internet and is threatening to release the 2006 versions of Norton Antivirus Corporate Edition and Norton Internet Security.
A hacker, who claimed to be a member of the famous group, “Anonymous” demanded $50,000 in order to keep Symantec source code private, cnet reported. Symantec confirmed the extortion attempt, which started this January.
Apparently, the hacker was communicating with Sam Thomas, a Symantec staff. The conversation begun on January 18, and it ended yesterday when the hacker released the source codes from pcAnywhere program. The negotiations were beneficial for Symantec as they had time to release patch update for pcAnywhere, Reuters reports.
In January, an individual claiming to be part of the ‘Anonymous’ group attempted to extort a payment from Symantec in exchange for not publicly posting stolen Symantec source code they claimed to have in their possession. Symantec conducted an internal investigation into this incident and also contacted law enforcement given the attempted extortion and apparent theft of intellectual property. The communications with the person(s) attempting to extort the payment from Symantec were part of the law enforcement investigation. Given that the investigation is still ongoing, we are not going to disclose the law enforcement agencies involved and have no additional information to provide.
Cris Paden, Symantec spokesman said:
Symantec was prepared for the code to be posted at some point and has developed and distributed a series of patches since January 23 to protect our users against known vulnerabilities.
This program enables one computer to remotely control and access another computer, establishing a one-to-one connection.
The hacker said that he always had in mind to release the source code for this program, while Symantec said “law enforcement had been directing its side of the talks.” It appears that law enforcement indeed took part into this conversation as they were trying to buy time and break down the amount of money into multiple payments, so that they can trace the hacker.
YamaTough hacker made the following statement to Reuters:
We tricked them into offering us a bribe so we could humiliate them.
Symantec previously confirmed that the hackers found a breach inside their system in 2006 and took the source codes from several products.