Hackers from the Anonymous affiliated organization Lords of Dharmaraja have published the source code for Symantec’s pcAnywhere software after extortion negotiations between the hackers and Symantec broke down.
Lords of Dharmaraja says that Symantec officials offered them payment to stop the release of the code, a claim which the company denies. Leaked emails posted on Pastebin do not make it clear which party first proposed the hush payment, though Symantec quickly involved law enforcement agencies and attempted to set up an undercover sting operation.
“In January an individual claiming to be part of the ‘Anonymous’ group attempted to extort a payment from Symantec in exchange for not publicly posting stolen Symantec source code they claimed to have in their possession,” said Symantec spokesman Cris Padent.
“Symantec conducted an internal investigation into this incident and also contacted law enforcement given the attempted extortion and apparent theft of intellectual property. The communications with the person(s) attempting to extort the payment from Symantec were part of the law enforcement investigation. Given that the investigation is still ongoing, we are not going to disclose the law enforcement agencies involved and have no additional information to provide.”
Lords of Dharmaraja claims to have discovered the source code during a raid on the servers of India’s spy service in 2006. The etymology of the group’s name comes from the lore of Dharma Raja, an Indian King who granted asylum to thousands of Hindus and Christians fleeing the military and religious onslaught of Tipu Sultan, a Muslim tyrant.
The timeline of the email correspondence ends Monday with an ultimatum from the hackers to wire $50,000 to an offshore Liberty Reserve account or the source code would be released. Symantec’s “Sam Thomas” (an undercover law enforcement agent) responded with a request for more time to check with the “finance people”, but the hackers ignored the request and released the code.
Mr. Paden says that Symantec had prepared for a worst case scenario, and had developed a series of patches for pcAnywhere that would nullify any exploits developed from the stolen code.
He added that the products that hackers likely had source code for, Norton Antivirus Corporate Edition and Norton SystemWorks, are no longer being sold by Symantec.