Anonymous publishes email exchange with Symantec over $50K payoff


Released in a Pastebin dump earlier today, members of Anonymous published a long series of emails between Anonymous member “Yamatough” and a representative of Symantec going by the name of Sam Thomas. While there’s no Sam Thomas listed on LinkedIn as working at Symantec, the IP address within the header of the exchange linked to the original “sam_thomas@symantec.com” email account can be traced back to Symantec’s Mountain View, California headquarters. Writing from a Venezuelan email address, Yamatough was eventually offered $50,000 by Thomas to deliver proof of pcAnywhere and Norton Antivirus source code as well as destroy the original code. Thomas also wanted Anonymous to release a statement that the group did not hack Symantec during 2006.  

symantec-pc-anywhereDuring the opening negotiations, Thomas shifted to a Gmail account on January 20, 2012 in an attempt to receive attachments related to the source code. Yamatough emailed proof of the source code as well as the directories where Anonymous discovered the files. In the next series of exchanges, Thomas stalled for time claiming that it took five days to setup a standalone FTP server for Yamatough to upload the files “securely”.

On Wednesday January 25, Yamatough told Thomas that he had until Monday to work out the details. During this exchange, Symantec released a public statement regarding the safety of pcAnywhere which said “At this time, Symantec recommends disabling the product until Symantec releases a final set of software updates that resolve currently known vulnerability risks.”

The conversation between Yamatough and Thomas continued on Monday, January 30 and the discussion shifted to money. Yamatough was pushing for Thomas to use a payment company called Liberty Reserve in order to wire money into an offshore account. While Thomas claimed to check with Symantec’s finance department, Yamatough also offered the option of a wire transfer to a bank account in Lithuania or Latvia. Thomas returned with more claims of difficulty in setting up the Liberty Reserve account and offered to send Yamatough a $1,000 payment through Paypal as a sign of good faith.

anonymousYamatough turned down the offer of the Paypal payment, but waited on a decision with Liberty Reserve. Thomas responded by increasing the overall payment amount to $50,000 and attempting to negotiate the payment into $2,500 blocks over the next three months. The bulk of the payment would be offered on proof of the destruction of the source code for both pcAnywhere and Norton Antivirus as well as a public lie about the hacking attempt. 

Yamatough responded with the claim that the people running the offshore account wouldn’t process payments less than $50,000 at a time and immediately became wary that Symantec was working with the FBI in the form of Sam Thomas. Thomas attempted to continue negotiating with Yamatough, but all discussion fell apart a few hours ago.

In a comment released by Cris Paden, Sr. Manager for Corporate Communications at Symantec, he stated “In January an individual claiming to be part of the ‘Anonymous’ group attempted to extort a payment from Symantec in exchange for not publicly posting stolen Symantec source code they claimed to have in their possession. Symantec conducted an internal investigation into this incident and also contacted law enforcement given the attempted extortion and apparent theft of intellectual property.”

Paden continued “The communications with the person(s) attempting to extort the payment from Symantec were part of the law enforcement investigation. Given that the investigation is still ongoing, we are not going to disclose the law enforcement agencies involved and have no additional information to provide,” within a public comment at Infosec Island

Assuming Paden’s comment is true, it’s highly likely that the $50,000 offer came from a law enforcement agent posing as Symantec employee Sam Thomas in order to entrap Yamatough. After posting the email exchange on Pastebin, a link to the pcAnywhere source code was posted on the official AnonymousIRC Twitter account as well as being confirmed by TheRealSabu. Symantec has not confirmed that the released file is the pcAnywhere source code at the time of this article’s publication.

Movies & TV

Save a few bucks with the best free feature-length movies on YouTube

Bank account emptier than you thought? Check out our curated list of the best full-length movies on YouTube to find flicks that are free, legally uploaded, and actually worth watching.

The best free music download sites that are totally legal

Finding music that is both free and legal to download can be difficult. We've hand-picked a selection of the best free music download sites for you to legally download your next favorite album.

Could Google Stadia finally make game streaming a great way to play?

Google Stadia could be the game streaming service that finally does it right. High-resolution, HDR gaming, at high-frame rates for anyone in the world on almost any device? It's a tall order, but if anyone can do it, it's Google.

Not sure if Amazon Prime is right for you? Here is everything you need to know

So what is Amazon Prime? Is the premium membership really worth the cost of admission? With Prime Day, Prime Photos, Twitch Prime, and more, it might be worth jumping on board Amazon's all-inclusive membership program.

Afraid that Bitcoin could be a bubble? Here's how to sell what you've got

If you're investing in cryptocurrencies, it's important to have your exit strategy in place if prices start to crash. If you've decided it's time to get out or just want to learn how to sell Bitcoins, here's how to get started.
Small Business

The 15 best tech jobs boast top salaries, high satisfaction, lots of openings

June may be ending, but the bonanza of tech jobs just keeps coming. High-paying jobs abound at companies where people love to work. If you’re ready to make a change, this is a great time to look for something more fulfilling.   

Forget work and find Google’s hidden, fun, time-wasting Wimbledon tennis game

Google has hidden a fun game based around the Wimbledon tennis tournament in its Search engine, ready for those looking to take a short (or not so short) break from what you should really be doing. Work, probably.
Movies & TV

20 Netflix hacks, tips, and tricks to make your streaming experience better

Netflix's tried-and-true formula hardly begs for improvement, but you can get even more out of your subscription with these 20 Netflix tips and tricks, sure to improve your online streaming experience.
Social Media

YouTube offers creators more ways to boost their bank accounts

Whether you're a top YouTube creator or just breaking into the game, the video-streaming site has some new features designed to help you please your fans and increase your bank balance.

All of these services let you own your content, so you’ll never lose it

With the closure of Microsoft's ebook store, consumers have begun to wonder exactly how much of their digital media they actually own, and how much is licensed. For the average person, the news isn't great.

Need to block ads and trackers? Browse our list of the best browsers for privacy

Whether your privacy concerns are focused on controlling cookies or blocking ads and malware, you're sure to find the best browser for your security needs among our picks for the best browsers for privacy.

A new phishing scam targets Amazon users just in time for Prime Day

Security researchers at McAfee say that hackers have released a do-it-yourself kit that allows people to easily put together phishing scams targeting Amazon users -- just in time for Prime Day.
Emerging Tech

Stay up to date on Tropical Storm Barry's path with these apps and websites

Looking to track Tropical Storm Barry as it makes landfall and heads into the southeastern U.S.? We've assembled a list of the best hurricane tracking apps and websites to stay ahead of the storm, and out of harm's way.
Movies & TV

Tired of Netflix? Here's where to find free movies online, legally

We've spent countless hours digging around the web to find the best sites for streaming free movies online. Not only are all of these sites completely free to use, they're also completely legal and trustworthy.