Skip to: Content
Skip to: Site Navigation
Skip to: Search


Horizons

Negotiating with Anonymous: Symantec talks collapse, source code released

Security software company Symantec tried to negotiate this week with the hacker group Anonymous to prevent the release of source code stolen in 2006. But the talks failed, and now Anonymous has published both the code and the email trail detailing negotiations.

By / February 8, 2012

People wearing masks often used by a group that calls itself Anonymous take part in a rally in Madrid on May 15. On Tuesday afternoon, the "hacktivist" network Anonymous published the source code to security software vendor Symantec's pcAnywhere program on torrent sites, apparently after negotiations to the tune of $50,000 fell through.

Arturo Rodriguez/AP/File

Enlarge

Looks like the hackers win this round.

Skip to next paragraph

Recent posts

On Tuesday afternoon, the "hacktivist" network Anonymous published the source code to security software vendor Symantec's pcAnywhere program on torrent sites, apparently after negotiations to the tune of $50,000 fell through. Anonymous posted emails earlier this week detailing the negotiations, which took place between "Yamatough," an online personality representing an Anonymous-affiliated group, and either a Symantec employee or a law enforcement sting operation (it depends on who you ask).

According to the emails, Symantec offered Yamatough $50,000 in exchange for the destruction of the source code and a public statement saying that Symantec hadn't been hacked in the first place. Negotiations broke down when Yamatough demanded the money be sent through Liberty Reserve, an offshore account, and accused Symantec of cooperating with the FBI. Symantec asked for more time to negotiate and asked to send the money in small chunks, but the email exchange broke off after Yamatough gave the company ten minutes to "decide which way you go."

The alleged hack happened way back in 2006, but the issue didn't surface until last month. When Anonymous threatened to release the code in late January, Symantec initially asked users to stop using pcAnywhere, fearing that known vulnerabilities might be exploited. A few days later, it released patches for affected version that plugged the security holes.

At the same time, however, Symantec was apparently negotiating with the hackers to prevent the public release of the code. And now that negotiations have broken down, "pcAnywhere" is out in the wild, accompanied by the logo of the Anonymous subgroup "AntiSec." The group also threatened to publish the source code to several Norton antivirus programs, although that hasn't happened yet.

What's to be done? Well, it doesn't look like users are at much risk. Symantec has already released patches for pcAnywhere to protect against the vulnerabilities in the leaked code, and it says the Norton code is too old to be used for cyber attacks. But the hack certainly leaves Symantec with a public relations mess on its hands. Cris Praden, the company's Senior Manager for Corporate Communications, commented that Symantec contacted law enforcement as soon as the "attempted extortion and apparent theft of intellectual property" came to light.

Readers, are you battening down your security hatches? What do you think the fallout for Symantec will be for this incident? Let us know in the comments.

For more tech news, follow us on Twitter @venturenaut. And don’t forget to sign up for the weekly BizTech newsletter.

Permissions

Read Comments

View reader comments | Comment on this story

  • Weekly review of global news and ideas
  • Balanced, insightful and trustworthy
  • Subscribe in print or digital

Special Offer

 

Doing Good

 

What happens when ordinary people decide to pay it forward? Extraordinary change...

Danny Bent poses at the starting line of the Boston Marathon in Hopkinton, Mass.

After the Boston Marathon bombings, Danny Bent took on a cross-country challenge

The athlete-adventurer co-founded a relay run called One Run for Boston that started in Los Angeles and ended at the marathon finish line to raise funds for victims.

 
 
Become a fan! Follow us! Google+ YouTube See our feeds!