An email exchange between Symantec and the hacking group that stole source code back in 2006 has surfaced revealing an extortion attempt. The hackers wanted money from Symantec to ensure the source code was never released online.
The email exchange between hacking group Yamatough and a Symantec employee named Sam Thomas was posted to Pastebin. The exchange contains the back and forth of a deal that involved Symantec paying the group $50,000 in order to keep the source code from Norton Antivirus under wraps, which was stolen back in 2006.
Thomas wrote in an email,
“We will pay you $50,000.00 USD total. However, we need assurances that you are not going to release the code after payment. We will pay you $2,500 a month for the first three months. Payments start next week. After the first three months you have to convince us you have destroyed the code before we pay the balance. We are trusting you to keep your end of the bargain.”
Symantec confirmed to CNET that the extortion attempt had happened in a statement that read,
“In January an individual claiming to be part of the ‘Anonymous’ group attempted to extort a payment from Symantec in exchange for not publicly posting stolen Symantec source code they claimed to have in their possession. Symantec conducted an internal investigation into this incident and also contacted law enforcement given the attempted extortion and apparent theft of intellectual property. The communications with the person(s) attempting to extort the payment from Symantec were part of the law enforcement investigation. Given that the investigation is still ongoing, we are not going to disclose the law enforcement agencies involved and have no additional information to provide.”
After weeks of discussions it seems the deal broke down and AnonymousIRC tweeted “#Symantec software source codes to be released soon. stay tuned folks!!! #Anonymous #AntiSec #CockCrashed #NortonAV.”
The final two emails in the chain, dated February 6, involve an ultimatum by Yamatough stating that if Thomas does not decide whether to pay the $50,000 in ten minutes, the code will be released.
“Since no code yet being released and our email communication wasnt also released we give you 10 minutes to decide which way you go after that two of your codes fly to the moon PCAnywhere and Norton Antivirus totaling 2350MB in size (rar) 10 minutes if no reply from you we consider it a START this time we’ve made mirrors so it will be hard for you to get rid of it.”
Thomas simply replied, “We can’t make a decision in ten minutes. We need more time.”
Last night a file was posted to The Pirate Bay with a size of 1.2GB and the name “Symantec’s pcAnywhere Leaked Source Code.” It’s not yet been confirmed by Symantec if that is actual source code from the program. If it ends up being actual code, then we know that the hackers have followed through on their threat.