Hackers fail to extort $50,000 from Symantec, as pcAnywhere source code is published

Graham Cluley
Graham Cluley
@[email protected]

Symantec has confirmed that a file made available on the internet for anyone to download, does contain the source code for an old version of its pcAnywhere product.

Symantec statement

For a short while last month, before releasing a patch, Symantec advised customers to disable their pcAnywhere installations because of concern that hackers could exploit vulnerabilities.

In addition, the firm says that in January someone claiming to be the hacker responsible for the data theft tried to extort $50,000 from the firm in exchange for not releasing Symantec’s stolen source code.

Sign up to our free newsletter.
Security news, advice, and tips.

Yama Tough, of the Anonymous-affiliated Lords of Dharmaraja hacking gang, posted what he claims was a chain of emails sent between himself and Symantec employee “Sam Thomas” negotiating the payment.

Email exchange

Symantec says that it never made any offers to meet the hackers’ extortion demands and worked with law enforcement agencies. It seems quite possible (if not downright likely) that “Sam Thomas” wasn’t a Symantec employee at all, but instead working for the FBI.

Eventually, Yama Tough lost patience and published the pcAnywhere source code.

pcAnywhere source code download

As well as pcAnywhere’s source code being available for download from popular torrent websites, there could be further disclosures.

According to Symantec, hackers have so far posted code for the 2006 versions of Norton Utilities and pcAnywhere. The firm says that it is expecting source code to be published for other Symantec products:

“We also anticipate that at some point, they will post the code for the 2006 versions of Norton Antivirus Corporate Edition and Norton Internet Security. As we have already stated publicly, this is old code and Symantec and Norton customers will not be at an increased risk as a result of any further disclosure related to these 2006 products.”

SymantecWith customers reassured by Symantec that the illegal theft and distribution of the source code poses no increased risk, the company will be keen to put this episode behind it and move on.

Symantec seems to have done the right thing throughout this incident – investigating what occurred, and openly sharing with its users what it discovered about a security breach from years before.

Furthermore, they recognise that they have been victims of a criminal act and have called in the authorities to investigate and (one hopes) bring the culprits to justice.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.