
While Anonymous continues to go after public governments and corporations, Internet security firm Symantec is the latest company to receive attention from the hacking collective.

Released in a Pastebin dump earlier today, members of Anonymous published a long series of emails between Anonymous member “Yamatough” and a representative of Symantec going by the name of Sam Thomas. While there’s no Sam Thomas listed on LinkedIn as working at Symantec, the IP address within the header of the exchange linked to the original “sam_thomas@symantec.com” email account can be traced back to Symantec’s Mountain View, California headquarters. Writing from a Venezuelan email address, Yamatough was eventually offered $50,000 by Thomas to deliver proof of pcAnywhere and Norton Antivirus source code as well as destroy the original code. Thomas also wanted Anonymous to release a statement that the group did not hack Symantec during 2006.  

During the opening negotiations, Thomas shifted to a Gmail account on January 20, 2012 in an attempt to receive attachments related to the source code. Yamatough emailed proof of the source code as well as the directories where Anonymous discovered the files. In the next series of exchanges, Thomas stalled for time, claiming that it took five days to set up a standalone FTP server for Yamatough to upload the files “securely”.

On Wednesday, January 25, Yamatough told Thomas that he had until Monday to work out the details. During this exchange, Symantec released a public statement regarding the safety of pcAnywhere which said “At this time, Symantec recommends disabling the product until Symantec releases a final set of software updates that resolve currently known vulnerability risks.”

The conversation between Yamatough and Thomas continued on Monday, January 30, and the discussion shifted to money. Yamatough was pushing for Thomas to use a payment company called Liberty Reserve in order to wire money into an offshore account. While Thomas claimed to check with Symantec’s finance department, Yamatough also offered the option of a wire transfer to a bank account in Lithuania or Latvia. Thomas returned with more claims of difficulty in setting up the Liberty Reserve account and offered to send Yamatough a $1,000 payment through PayPal as a sign of good faith.

Yamatough turned down the offer of the PayPal payment, but waited on a decision with Liberty Reserve. Thomas responded by increasing the overall payment amount to $50,000 and attempting to negotiate the payment into $2,500 blocks over the next three months. The bulk of the payment would be offered on proof of the destruction of the source code for both pcAnywhere and Norton Antivirus as well as a public lie about the hacking attempt.

Yamatough responded with the claim that the people running the offshore account wouldn’t process payments less than $50,000 at a time and immediately became wary that Symantec was working with the FBI in the form of Sam Thomas. Thomas attempted to continue negotiating with Yamatough, but all discussion fell apart a few hours ago.

In a released comment, Cris Paden, Sr. Manager for Corporate Communications at Symantec, stated, “In January an individual claiming to be part of the ‘Anonymous’ group attempted to extort a payment from Symantec in exchange for not publicly posting stolen Symantec source code they claimed to have in their possession. Symantec conducted an internal investigation into this incident and also contacted law enforcement given the attempted extortion and apparent theft of intellectual property.”

In a public comment at Infosec Island, Paden continued, “The communications with the person(s) attempting to extort the payment from Symantec were part of the law enforcement investigation. Given that the investigation is still ongoing, we are not going to disclose the law enforcement agencies involved and have no additional information to provide.”

Assuming Paden’s comment is true, it’s highly likely that the $50,000 offer came from a law enforcement agent posing as Symantec employee Sam Thomas in order to entrap Yamatough. After posting the email exchange on Pastebin, a link to the pcAnywhere source code was posted on the official AnonymousIRC Twitter account as well as being confirmed by TheRealSabu. Symantec has not confirmed that the released file is the pcAnywhere source code at the time of this article’s publication.

Showing 9 comments

  1. Ed Smith at 12:18am 8th February 2012 Bad play, personally I would never have included the FBI in my corporate investigation, you should have surmised from the outset that Anon would call your bluff and dump your code to a newsgroup without hesitation, 50K is a drop in the bucket and all the bad press and subsequent sales loss you will see in 2012/2014 will pale in size of a mere 50K. In other words you have made a very stupid decision, people will also look at your inability to process a simple logical outcome and look at your overall business model and question whether or not Symantec should be used as a corporate infrastructure solution.
  2. Robert Haston at 3:18am 8th February 2012 Regardless of some negative comments, the truth is these are very powerful individuals, and I for one wonder if and when they will fall, or if they will just fade away. Surely they are aware of the fact that EVERYTHING comes to an end.......
  3. Brandy Youlkilis at 1:50pm 7th February 2012 The FBI is so frickin stupid it's not even funny anymore. One bunch of goons chasing after another, that's all this is. Authority is wholly arbitrary and exists solely to allay the insecure fears of humanity. As a result of this truth, institutions spend all their time doing nothing more than trying to maintain control and exert their "authority." However, the longer this goes on, the stupider the ranks get until you have full blown total ignorance. That's what ya got here.
  4. Erik Martin at 1:48pm 7th February 2012 Mike Flacy, you shouldn't use words like "entrap" without knowing what they mean.
    1. TechFreak at 2:09pm 7th February 2012 What do you mean Erik? I thought the piece was fine.
    2. Mike Flacy at 2:42pm 7th February 2012 Definition of entrap: - To catch in or as if in a trap. - To lure into danger, difficulty, or a compromising situation. $50K payoff = lure, payment trail = trap. Ensnare, tempt or trick also works in that sentence. Are you thinking of the word entrapment? Definition: "The luring, by a police officer, of a person into committing a crime so that he may be prosecuted for it."
      1. Rhys Lloyd at 4:52pm 7th February 2012 Haha yeah I was pretty sure it made sense. Erik Martin, you shouldn't point out errors in someone's grammar unless you're certain they're actually errors.
  5. John Moody at 1:31pm 7th February 2012 Symantec Released it. Not these irrelevant morons.
  6. Diana Winters at 1:01pm 7th February 2012 yikes