Source code theft: Symantec and the $50 000 ransom
February 07th, 2012 - 01:46 pm ET by J. G.
A computer hacker has provided details of emails in which Symantec appeared ready to pay 50 000 dollars to get their stolen source code back. According to the editor, this was done as part of a police infiltration.
The theft of source code used in Symantec products continues to be spoken about. While the events go back to 2006, the editor has released corrective patches for PCAnywhere to correct security vulnerabilities in the program. Computer hackers confirm that they are also in possession of code belonging to other products including Norton Antivirus.
According to Symantec, a hacker who belongs to the group Lords of Dharmaraja, who is more or less associated with Anonymous, is in possession of the code. To try and avoid the source code from being divulged on the Web, while assuring that it is destroyed, it can be seen through an email exchange put online on Pastebin that Symantec has gone great lengths to protect their products.
A conversation appears to have taken place between an apparent Symantec employee (Sam Thomas) and YamaTough (the hacker) who lives in Mumbai, India. If we are to believe this conversation, Symantec offered 50 000 dollars to YamaTough to avoid leaks of the code.
The Symantec employee was apparently not so, and was instead an undercover police officer. A Symantec spokesman stated to Reuters that no monies were paid. As for YamaTough... he was probably not caught. During the email exchange, he writes to his contact "Say hi to the FBI agents".
YamaTough declared to Reuters that he never had the intention of taking the money. On Twitter, he adds that all source code taken was already up for sale, and that the Norton Antivirus code would be published in the coming hours.