$50,000 to keep hush goes south, Anonymous releases Symantec code
Negotiations between Symantec and hacker group “Anonymous” go sour — Norton Antivirus source code goes public. After email exchanges between the two head south, the group releases the company’s code to the public in which users can download – which Symantec has since ‘plugged’.
Symantec employee Sam Thomas was negotiating payment (part of a sting operation) with an individual named “Yamatough” to prevent release of PCAnywhere and Norton Antivirus code. “We will pay you $50,000.00 USD total,” Thomas said in an email. “However, we need assurances that you are not going to release the code after payment. We will pay you $2,500 a month for the first three months. Payments start next week. After the first three months you have to convince us you have destroyed the code before we pay the balance. We are trusting you to keep your end of the bargain.”A Symantec representative confirmed.
After weeks of negotiations discussions regarding proof of code and payment transfer, the deal broke down and the group has released the code. A group (or individual) called AnonymousIRC tweeted “#Symantec software source codes to be released soon. stay tuned folks!!! #Anonymous #AntiSec #CockCrashed #NortonAV”
Yamatough’s patience were wearing thin after weeks of discussion and later lead to his ultimatum with Symantec saying “If we dont hear from you in 30m we make an official announcement and put your code on sale at auction terms. We have many people who are willing to get your code. Dont **** with us.”. Yamatough later accused Symantec for trying to track email sources and warned the company.
“If you are trying to trace with the ftp trick it’s just worthless. If we detect any malevolent tracing action we cancel the deal. Is that clear? You’ve got the doc files and pathes to the files. what’s the problem? Explain.” Yamatough told Symantec.
Another email from the group told Symantec in its subject “say hi to FBI,”, accusing the company of being in contact with the feds – which Thomas denied. “We are not in contact with the FBI,” he wrote, falsely. “We are using this email account to protect our network from you. Protecting our company and property are our top priorities.”
The group has since released the code via a Bittorrent link taking users to login (will will not post links). Anonymous later tweeted “Symantec has been lying to its customers. We exposed this point thus spreading the world that ppl need” – #AntiSec #Anonymous. Spread and share!”
Symantec has said no customer data has been affected and that a fix to its vulnerabilities to the code have been resolved. “Symantec can confirm that a segment of its source code has been accessed. Upon investigation of the claims made by Anonymous regarding source code disclosure, Symantec believes that the disclosure was the result of a theft of source code that occurred in 2006,” it says in a statement on a page dedicated to the attack.
“Since 2006, Symantec has instituted a number of policies and procedures to prevent a similar incident from occurring. Furthermore, there are no indications that customer information has been impacted or exposed at this time.”