Symantec expects Anonymous to publish more stolen source code
Confirms that BitTorrent file is pcAnywhere's source code after sting operation fails
Computerworld - Symantec today confirmed that the pcAnywhere source code published on the Web Monday by hackers who tried to extort $50,000 from the company was legitimate.
A company spokesman also said that Symantec expects that the rest of the source code stolen from its network in 2006 will also be made public.
Symantec's acknowledgement followed the appearance late Monday of a 1.3GB file on various file-sharing websites, including Pirate Bay, that claimed to be the source code of the pcAnywhere remote-access software.
Download activity for the BitTorrent file has been moderately brisk: As of mid-morning Tuesday, Pirate Bay identified 376 "seeders," the term for a computer that has a complete copy of the file -- and about 200 "leechers," or computers that have downloaded only part of the complete torrent.
The Anonymous hacking group claimed responsibility for posting the pcAnywhere source code.
"We can confirm that the source code is legitimate," said Cris Paden, a spokesman for Symantec, in an email reply to questions. "It is part of the original cache of code for 2006 versions of the products that Anonymous has claimed to have been in possession during the last few weeks."
Also on Monday, an individual or group going by the name "Yama Tough" had published a series of emails on Pastebin that detailed an attempt to extort $50,000 from Symantec.
Previously, Yama Tough had claimed responsibility for stealing the source code to pcAnywhere and other Symantec security software. At one point, Yama Tough had threated to publish the source code, but then recanted.
The Pastebin-posted emails covered negotiations between Yama Tough and someone identified as "Sam Thomas," supposedly a Symantec employee, over payment for not disclosing the source code. In fact, Thomas was a pseudonym used by U.S. authorities, whom Symantec had alerted to the threat.
"In January, an individual claiming to be part of the 'Anonymous' group attempted to extort a payment from Symantec in exchange for not publicly posting stolen Symantec source code they claimed to have in their possession," said Paden. "Symantec conducted an internal investigation into this incident and also contacted law enforcement, given the attempted extortion and apparent theft of intellectual property. The communications with the person(s) attempting to extort the payment from Symantec were part of the law enforcement investigation."
Paden declined to identify the law enforcement agency, but the Federal Bureau of Investigation (FBI) has jurisdiction in extortion attempts that affect foreign or interstate commerce.
The negotiations went on for nearly a month -- the emails began on Jan. 18 -- but broke down when Yama Tough rejected Thomas' conditions, which included an offer of payments of $2,500 each month for the first three months, with the balance to be paid on proof that the copy of the stolen source code had been destroyed.
- Using Cyber Insurance and Cybercrime Data to Limit Your Business Risk This paper examines the challenges of understanding cyber risks, the importance of having the right cyber risk intelligence, and how to use this...
- 5 Tips to Secure Small Business Backdoors in the Enterprise Supply Chain This paper examines the insecurity of the small businesses in the supply chain and offers tips to close those backdoors into the enterprise.
- Comprehensive Advanced Threat Defense The hot topic in the information security industry these days is "Advanced Threat Defense" (ATD). This paper describes a comprehensive, network-based approach to...
- Advanced Threat Defense: A Comprehensive Approach In this interview, Peter George, president, General Dynamics Fidelis Cybersecurity Solutions, explains why we need more than anti-malware, and what constitutes a comprehensive...
- Live Webcast Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- NSS Labs & Cisco Present: Evaluating Leading Breach Detection Systems Today's constantly evolving advanced malware and APTs can evade point-in-time defenses to penetrate networks. Security professionals must evolve their strategy in lockstep to... All Cybercrime and Hacking White Papers | Webcasts