Hacker releases Symantec source code

By Joseph Menn and Frank Jack Daniel

February 7, 2012 6:35 PM EST

A hacker released the source code for antivirus firm Symantec's pcAnywhere utility on Tuesday, raising fears that others could find security holes in the product and attempt takeovers of customer computers.

Share This Story

The release followed failed email negotiations over a $50,000 payout to the hacker calling himself YamaTough to destroy the code.

The email thread was published on Monday, but the hacker and the company said their participation had been a ruse. YamaTough said he was always going to publish the code, while Symantec said law enforcement had been directing its side of the talks.

The negotiations also might have bought Symantec time while it issued fixes to the pcAnywhere program, which allows customers to access their desktop machines from another location.

"Symantec was prepared for the code to be posted at some point and has developed and distributed a series of patches since January 23rd to protect our users against known vulnerabilities," said company spokesman Cris Paden.

Follow us

Symantec had taken the extraordinary step of asking customers to stop using the software temporarily until it readied the patches. It issued fixes for "known vulnerabilities" in version 12.5 of the software on January 23 and fixes for versions 12.0 and 12.1 on Friday January 27.

Paden said that Symantec had contacted its customers and that it had not lost any customers. He said that if they were running up-to-date, patched versions they should not face increased risk.

Symantec also expects hackers to release other source code in their possession, 2006 versions of Norton Antivirus Corporate Edition and Norton Internet Security. "As we have already stated publicly, this is old code, and Symantec and Norton customers will not be at an increased risk as a result of any disclosure," Paden said.

The emails over the $50,000 payoff was widely circulated, with some mocking the world's largest standalone security company for its apparent attempt to buy protection.

But the company said the emails were in fact between the hacker and law enforcement officials posing as a Symantec employee.

"The communications with the person(s) attempting to extort the payment from Symantec were part of the law enforcement investigation," Paden said, adding that no money was paid.

Paden declined to name the law enforcement agency, saying it could compromise the investigation.

Symantec had previously confirmed the hacker, part of a group called Lords of Dharmaraja and affiliated with Anonymous, was in possession of source code for its products, obtained in a 2006 breach of the company's networks.

The email exchange released by the hacker, who claims to be based in Mumbai, India, shows drawn-out negotiations with a purported Symantec employee starting on January 18.

1 | 2 | View all
Copyright 2012 Thomson Reuters. All rights reserved.
Sponsor Link:

We recommend

News From Partners

More from Finance

Join the Conversation

Popular Multimedia

IBTimes TV
More

73 yr Old Becomes Oldest Woman to Climb Mount Everest

Most Viewed

1 2 3
  1. IMG TXT
    Video of Parents Locking Child in Washing Machine Goes Viral
  2. IMG TXT
    Facebook Shares Fall Sharply in Morning Trade Following Shaky IPO
  3. IMG TXT
    Police Use Batons Against Protesters, Including Women, in India
  1. IMG TXT
    Fired for Being Too Busty, Lingerie Temp Will Sue
  2. IMG TXT
    Scientists Turn Skin Cells into Beating Heart Muscle
  3. IMG TXT
    World Bank Forecasts Lower Growth For China in 2012
  1. IMG TXT
    SpaceX Dragon Flies past the International Space Station
  2. IMG TXT
    Introducing the World’s Richest Woman Gina Rinehart
  3. IMG TXT
    Wall Street Rebounds as Apple Gains and Investors Dump Facebook
Most Read
  1. Spain's Bankia shares suspended: regulator
  2. Government plans migrant curbs if euro folds - paper
  3. Bankia, Catalonia pile on Spanish debt worries
  4. Bankia set to ask Spain for more than $19 billion
  5. Murdoch private eye targeted U.S. hedge fund boss

Global Markets
Existing Home Sales Jump, World Banks Lowers China Forecast, Euro Prepares for Greek Exit

Recommended for you
Close
  1. Spain's Bankia shares suspended: regulatorTrading in the securities of Spanish lender Bankia <BKIA.
  2. Government plans migrant curbs if euro folds - paperBritain is drawing up emergency immigration controls to combat any surge in economic migrants from Greece and other European Union...