Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

Symantec admits source code published by Anonymous is genuine

Code for security products posted on Pirate Bay

Article comments

Symantec is in an ongoing fight against hackers in the group Anonymous that last January attempted to extort a payment of around $50,000 (£30,000) from Symantec in exchange for not publicly posting stolen Symantec source code they had stolen for various older Symantec security products dating to 2006.

Late yesterday, hackers did release the source code for an older version of Symantec's pcAnywhere and Norton Internet Security by uploading it to The Pirate Bay. Symantec confirms this is legitimate Symantec source code, and Symantec spokesman Chris Paden says the concern now is that other code that Anonymous claims to have in its possession will soon be posted as well.

"Be advised, we also anticipate Anonymous to post the rest of the code they have claimed to have in their possession. So far, they have posted code for the 2006 version of Norton Internet Security and pcAnywhere. We anticipate that at some point, they will post the code for Norton Antivirus Corporate Edition and Norton Systemworks. Both products no longer exist."

Symantec says it foresees no immediate security issues if this source code is posted, since neither is supported any longer.

Symantec says it has been in contact with law enforcement since it received the extortion attempt. Some of what appears to be a sting operation was evident in an email string posted online by a person named Yamatough, a name similar to the an Indian hacker who is associated with the Lords of Dharmaraja group that earlier claimed to have source code to some Symantec products.

Email purporting to come from "Sam Thomas," appearing to be a Symantec employee but using a Gmail address, offered to pay $50,000 but wanted assurances that the hacker wouldn't release the source code after payment. "Sam Thomas" offered to pay $2,500 a month for the first three months, with payments starting next week.

Yamatough apparently rejected that offer stating, "our offshore people won't let us securely get the money because they won't process amounts less than 50K a shot". He gave "Sam Thomas" 10 minutes to decide whether to pay, and "Sam Thomas" relayed he needed more time. After that, the source code to the older versions of pcAnywhere and Norton Antivirus was publicly posted.

Symantec's Chris Paden says the email string posted by Anonymous was actually between them and a fake email address set up by law enforcement. Symantec says after it got the extortion attempt in January, it contacted law enforcement and turned the investigation over to them. So any email communications seen in the drama unfolding have actually been between Anonymous and law enforcement agents, not Symantec. "This was all part of their investigative techniques for these type of incidents," Paden says.

The threat from Anonymous to post the pcAnywhere source code has had Symantec in high gear the last few weeks, releasing patches since January 23 "to protect users against attacks that might transpire as a result of the code being made public," the security firm says.

"We have been conducting direct outreach to our customers since January 23rd to reiterate that, in addition to applying all relevant patches that have been released, we've also counseled customers to ensure that pcAnywhere version 12.5 is installed, and to follow general security practices."

Symantec says it has not yet determined how the hackers exactly obtained the cache of older source code they now have.

"It is part of an original cache of code for 2006 versions of the products," Paden states. "We still have not determined how Anonymous came into possession of the 2006 source code." He adds the investigation by both Symantec and its partners in the law enforcement community (which it declines to name) is still ongoing.


More from Techworld

More relevant IT news


Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *