updated 08:25 pm EST, Tue February 7, 2012
Hacker tried to extort $50k to "humiliate" company
Symantec has revealed that a hacker has followed through on a threat to release the source code for the company's pcAnywhere utility software. The hacker, known as YamaTough, took the action after negotiations via e-mail for a forced payment of $50,000 failed. The exchange, it has been revealed, was actually between the hacker and police in a sting.
The hacker, member of the group known the Lords of Dharmaraja, ultimately obtained the code as the result of a breach of Symantec's corporate website in 2006. The group is associated with the larger hacking organization Anonymous. In January, Yamatough began releasing pieces of the source code. He then began an e-mail dialog with who he thought were Symantec employees. They were actually members of an unidentified law enforcement agency. The hacker sought to extort payment in return for not making the code public. During the email exchanges, the hacker began to post portions of the negotiation dialog.
The two parties were close to an agreement on a sum in the amount of $50,000, and were haggling over a payment method and schedule. The agents offered to pay using PayPal, but that was rejected. During negotiations, YamaTough had released pieces of the software. Today, the negotiations fell through and the hacker released the full code.
Symantec claims that the release of the code doesn't put consumers at risk. The code was stolen in 2006, and new, different code has been written since then. While negotiations were ongoing, the company began writing and releasing patches and fixes to close any vulnerabilities on January 23, the app developer said. Symantec at one point had taken the step of asking customers to stop using the app for a brief time while it created the patches.
The hacker claims he never intended to take the money. His main objective was to "humiliate" the company by forcing them to offer a "bribe."
During the 2006 breach, source code from other products, including Norton Antivirus Corporate Edition and Norton Internet Security were also stolen. Symantec has indicated that it believes that this code will also be made public by the hacker, but contend that because it is six years old, the risk of exposure is minimal. [via Reuters]