The Verge/Washington Post
February 9, 2012
Protracted extortion negotiations with a hacker threatening to release stolen source code for several Symantec products ended yesterday with the code for pcAnywhere surfacing on The Pirate Bay. While Symantec has claimed it never had any intention of paying the $50,000 fee, and that the negotiations were part of a law-enforcement operation, the hacker in question has now told Reuters that he was always going to release the code. “We tricked them into offering us a bribe so we could humiliate them,” said YumaTough, thought to be part of the Anonymous-affiliated Lords of Dharamaja group.
According to the report, Symantec is already expecting the source code for additional programs to be released by the group as well — Norton AntiVirus was one application mentioned in email exchanges between YumaTough and a law-enforcement official posing as a Symantec employee — but the company again reiterated that any such leaks wouldn’t put their customers in danger. “As we have already stated publicly, this is old code,” company spokesperson Cris Paden said, “and Symantec and Norton customers will not be at an increased risk as a result of any disclosure.” The code was originally stolen in a network breach in 2006, but Symantec claims all current versions of its software will be immune to any attacks based upon vulnerabilities discovered in the 2006 versions.