Web

Anonymous publishes email exchange with Symantec over $50K payoff

anonymous

Released in a Pastebin dump earlier today, members of Anonymous published a long series of emails between Anonymous member “Yamatough” and a representative of Symantec going by the name of Sam Thomas. While there’s no Sam Thomas listed on LinkedIn as working at Symantec, the IP address within the header of the exchange linked to the original “sam_thomas@symantec.com” email account can be traced back to Symantec’s Mountain View, California headquarters. Writing from a Venezuelan email address, Yamatough was eventually offered $50,000 by Thomas to deliver proof of pcAnywhere and Norton Antivirus source code as well as destroy the original code. Thomas also wanted Anonymous to release a statement that the group did not hack Symantec during 2006.  

symantec-pc-anywhereDuring the opening negotiations, Thomas shifted to a Gmail account on January 20, 2012 in an attempt to receive attachments related to the source code. Yamatough emailed proof of the source code as well as the directories where Anonymous discovered the files. In the next series of exchanges, Thomas stalled for time claiming that it took five days to setup a standalone FTP server for Yamatough to upload the files “securely”.

On Wednesday January 25, Yamatough told Thomas that he had until Monday to work out the details. During this exchange, Symantec released a public statement regarding the safety of pcAnywhere which said “At this time, Symantec recommends disabling the product until Symantec releases a final set of software updates that resolve currently known vulnerability risks.”

The conversation between Yamatough and Thomas continued on Monday, January 30 and the discussion shifted to money. Yamatough was pushing for Thomas to use a payment company called Liberty Reserve in order to wire money into an offshore account. While Thomas claimed to check with Symantec’s finance department, Yamatough also offered the option of a wire transfer to a bank account in Lithuania or Latvia. Thomas returned with more claims of difficulty in setting up the Liberty Reserve account and offered to send Yamatough a $1,000 payment through Paypal as a sign of good faith.

anonymousYamatough turned down the offer of the Paypal payment, but waited on a decision with Liberty Reserve. Thomas responded by increasing the overall payment amount to $50,000 and attempting to negotiate the payment into $2,500 blocks over the next three months. The bulk of the payment would be offered on proof of the destruction of the source code for both pcAnywhere and Norton Antivirus as well as a public lie about the hacking attempt. 

Yamatough responded with the claim that the people running the offshore account wouldn’t process payments less than $50,000 at a time and immediately became wary that Symantec was working with the FBI in the form of Sam Thomas. Thomas attempted to continue negotiating with Yamatough, but all discussion fell apart a few hours ago.

In a comment released by Cris Paden, Sr. Manager for Corporate Communications at Symantec, he stated “In January an individual claiming to be part of the ‘Anonymous’ group attempted to extort a payment from Symantec in exchange for not publicly posting stolen Symantec source code they claimed to have in their possession. Symantec conducted an internal investigation into this incident and also contacted law enforcement given the attempted extortion and apparent theft of intellectual property.”

Paden continued “The communications with the person(s) attempting to extort the payment from Symantec were part of the law enforcement investigation. Given that the investigation is still ongoing, we are not going to disclose the law enforcement agencies involved and have no additional information to provide,” within a public comment at Infosec Island

Assuming Paden’s comment is true, it’s highly likely that the $50,000 offer came from a law enforcement agent posing as Symantec employee Sam Thomas in order to entrap Yamatough. After posting the email exchange on Pastebin, a link to the pcAnywhere source code was posted on the official AnonymousIRC Twitter account as well as being confirmed by TheRealSabu. Symantec has not confirmed that the released file is the pcAnywhere source code at the time of this article’s publication.

Business

Apple banned from distributing some iPhone models in Germany

Apple is following the FTC's lead and has sued Qualcomm for a massive $1 billion in the U.S., $145 million in China, and also in the U.K., claiming the company charged onerous royalties for its patented tech.
Computing

Our favorite Chrome themes add some much-needed pizzazz to your boring browser

Sometimes you just want Chrome to show a little personality and ditch the grayscale for something a little more lively. Lucky for you, we've sorted through the Chrome Web Store to find best Chrome themes available.
Social Media

A quick swipe will soon let you keep bingeing YouTube on mobile devices

The YouTube mobile app has a new, faster way to browse: Swiping. Once the update rolls out, users can swipe to go to the next (or previous) video in the recommended list, even while viewing in full screen.
Business

Cathay Pacific messes up first-class ticket prices — again

A couple of weeks ago, an error on Cathay Pacific's website resulted in first-class seats selling for a tenth of the price. On Sunday, January 13, the airline made the error again. The good news is that it'll honor the bookings.
Computing

Reluctant to give your email address away? Here's how to make a disposable one

Want to sign up for a service without the risk of flooding your inbox with copious amounts of spam and unwanted email? You might want to consider using disposable email addresses via one of these handy services.
Social Media

YouTube to crack down on dangerous stunts like the ‘Bird Box’ challenge

YouTube already bans content showing dangerous activities, but new rules published by the site go into greater detail regarding potentially harmful challenges and pranks, including certain blindfold- or laundry detergent-based stunts.
Social Media

Nearly a million Facebook users followed these fake Russian accounts

Facebook purged two separate groups behind more than 500 fake accounts with Russian ties. One group had ties to Russian news agency Sputnik, while the other had behavior similar to the Internet Research Agency's midterm actions.
Computing

Pinning websites to your taskbar is as easy as following these quick steps

Would you like to know how to pin a website to the taskbar in Windows 10 in order to use browser links like apps? Whichever browser you're using, it's easier than you might think. Here's how to get it done.
Computing

Want to save a webpage as a PDF? Just follow these steps

Need to quickly save and share a webpage? The best way is to learn how to save a webpage as a PDF file, as they're fully featured and can handle images and text with ease. Here's how.
Computing

Delete tracking cookies from your system by following these quick steps

Cookies are useful when it comes to saving your login credentials and other data, but they can also be used by advertisers to track your browsing habits across multiple sites. Here's how to clear cookies in the major browsers.
Web

Switch up your Reddit routine with these interesting, inspiring, and zany subs

So you've just joined the wonderful world of Reddit and want to explore it. With so many subreddits, however, navigating the "front page of the internet" can be daunting. Here are some of the best subreddits to get you started.
Smart Home

Amazon Prime members number more than 100 million in the U.S., survey says

Consumer Intelligence Research Partners estimated there were 101 million U.S. Amazon Prime members as of December 31, 2018. Last April, CEO Jeff Bezos wrote there were more than 100 global million Prime members.
Computing

It's not all free money. Here's what to know before you try to mine Bitcoin

Mining Bitcoin today is harder than it used to be, but if you have enough time, money, and cheap electricity, you can still turn a profit. Here's how to get started mining Bitcoin at home and in the cloud.
Computing

Need a free alternative to Adobe Illustrator? Here are our favorites

Photoshop and other commercial tools can be expensive, but drawing software doesn't need to be. This list of the best free drawing software is just as powerful as some of the more expensive offerings.