Symantec has confirmed that a file made available on the internet for anyone to download, does contain the source code for an old version of its pcAnywhere product.
For a short while last month, before releasing a patch, Symantec advised customers to disable their pcAnywhere installations because of concern that hackers could exploit vulnerabilities.
In addition, the firm says that in January someone claiming to be the hacker responsible for the data theft tried to extort $50,000 from the firm in exchange for not releasing Symantec’s stolen source code.
Yama Tough, of the Anonymous-affiliated Lords of Dharmaraja hacking gang, posted what he claims was a chain of emails sent between himself and Symantec employee “Sam Thomas” negotiating the payment.
Read more in my article on the Naked Security website.
Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.