Source code for Symantec’s pcAnywhere software is now out in the wild, following failed negotiations between a hacker and the company. Emails published to Pastebin on Monday indicate that the hacker demanded $50,000 from the company to prevent the source code’s release, a conversation Symantec confirms is legitimate.
The company says it did not handle the negotiations, which were done in conjunction with law enforcement. “YamaTough”, the hacker behind the extortion attempt, tells Reuters in his own defense that even if the money was paid, he still intended to release the source code to Symantec’s remote desktop software.
Symantec disclosed that its code had been compromised in late January. At the time, users of the software were told to stop using the software completely until Symantec released a patch that would prevent unauthorized access to computers using the software.
About a week later, the company said it released a patch to remedy the issue and advised that the software was once again safe to use. It now looks like these negotiations — whether faked or not — were crucial in giving Symantec enough time to develop a fix.
In a statement, Symantec says that it “was prepared for the code to be posted at some point” and reminded users that patches are available to prevent unauthorized access. At the same time, a spokesperson acknowledged that it expects hackers to release code for other products, including Norton Antivirus Corporate Edition and Norton Internet Security.
That said, the release will have little effect. Unlike pcAnywhere the base code of those programs has changed significantly since the theft of the code in 2006, Symantec says.
In a chain of tweets, YamaTough remained defiant, and at times mocked the company. “What’s funny they valued their most precious intel property at 50k”, the hacker said in one tweet. “All the Symantec source codes are now on sale! PcAnywhere, System Works, Internet Security and Norton GoBack with Utilities, NAV”, another tweet reads.
Photo Credit: OleGunnarUA/Shutterstock
Article source: http://betanews.com/2012/02/08/hacker-taunts-symantec-releases-pcanywhere-source-code-promises-others/
View full post on National Cyber Security » Computer Hacking
