Skip to main content

    Symantec source code held by hackers in $50,000 extortion attempt, may have been released into the wild

    Symantec source code held by hackers in $50,000 extortion attempt, may have been released into the wild

    /

    The source code for Symantec's pcAnywhere may have been leaked after a weeks-long stand-off between the software company, law-enforcement officials, and a hacker group threatening to sell the code to the highest bidder.

    Share this story

    Symantec logo
    Symantec logo

    The source code for Symantec's pcAnywhere and Norton AntiVirus products has been at the center of a weeks-long stand-off between the company, law-enforcement officials, and a hacker group threatening to sell the code to the highest bidder. An email exchange posted to Pastebin details negotiations between a Symantec employee named Sam Thomas, and a representative for the hacker organization going by the name "YamaTough." In the exchange, Symantec agrees to pay the group $50,000 if they destroy the source code and publicly state that they never had possession of it, but the discussions came to a standstill on Monday. The code for the two applications in question, along with several other products in Symantec's line-up, had been stolen after the company's networks were compromised in 2006. A group calling itself the Lords of Dharamaja claimed to have the pcAnywhere code in hand this past January, which prompted Symantec to ask users to block all ports on their computers that are associated with the application.

    Symantec has told Forbes that the "Sam Thomas" in the email exchanges isn't a real employee of Symantec at all, but rather a fictional persona used by an unnamed law-enforcement agency that has been conducting the negotiations as part of a sting operation. "When they came to us with what was for all intents and purposes extortion, we went to law enforcement," said Symantec spokesperson Cris Paden. "From that point on, we turned over the investigation to them." No matter what the strategy, it would appear that things have not gone as planned: a 1.27GB file purporting to be the pcAnywhere source code surfaced Monday on The Pirate Bay. Symantec is still analyzing the code to verify its authenticity, but claims that even in a worst case scenario any attacks based upon the 2006 source code would be easily avoided by current versions of its software. The stolen source code for Norton AntiVirus has yet to be spotted in the wild.