According to email transcripts posted to Pastebin yesterday, and confirmed by the company, a group of hackers attempted to extort $50,000 from Symantec in exchange for not releasing its stolen PCAnywhere and Norton Antivirus source code. Hackers associated with the group Anonymous known as the Lords of Dharamaja leaked what appears to be another 1.27 gigabytes of source code from Symantec Monday night, what they claim is the source code of the Symantec program PCAnywhere.
A 1.2GB file labeled "Symantec's pcAnywhere Leaked Source Code" has been posted to The Pirate Bay. We have asked Symantec whether this code is authentic and will update when we hear back.
The leak comes as little surprise: Symantec had previously revealed that the hackers had obtained 2006 versions of that code along with other Symantec products from the same time period, and warned users of PCAnywhere to disable its functionality until they patched the program earlier this month.
The emails between Symantec employee Sam Thomas and the hacker(s) Yamatough, began in January. Symantec confirmed in a statement that it had contacted law enforcement after confirming the theft of the code and that the email exchange was, in fact, part of a criminal investigation. The email thread ended yesterday with Yamatough threatening to immediately release the code:
Since no code yet being released and our email communication wasn't also released we give you 10 minutes to decide which way you go after that two of your codes fly to the moon PCAnywhere and Norton Antivirus totaling 2350MB in size (rar) 10 minutes if no reply from you we consider it a START this time we've made mirrors so it will be hard for you to get rid of it.
“You won’t believe it but Symantec offered us money to keep quiet,” a hacker from the group who uses the name YamaTough wrote on Twitter. “And quess what they couldn’t make it over 50k for the whole range of their src shit, therefore the show starts as of tuday.”In fact, Symantec says it never made any offer to meet the hackers’ extortion demands. “Sam Thomas,” Symantec spokesperson Cris Paden told , was the false name created by law enforcement agents who pretended to pursue the negotiations only to attempt to trace the hackers.
Read the entire leaked email chain between the hacker YamaTough and the law enforcement agent pretending to be a Symantec exec here.