Hackers release Symantec pcAnywhere source code

Symantec/Anonymous

Symantec

(CBS) - Hackers related to the group Anonymous made good on a threat that they would release the source code for the Symantec software pcAnywhere.

The files were uploaded to The Pirate Bay Tuesday, leaving anyone without an updated patch of the software vulnerable to hackers taking control of their computers. PcAnywhere is software that enables users to control their computer remotely.

Hackers attempt to extort $50000 from Symantec

The hackers, who call themselves Yamatough, released the code after a negotiation with a law enforcement officer posing as Symentec employee Sam Thomas failed. But, according to a tweet by @AnonymousIRC, the group was planning to release the code all along.

Several Twitter accounts associated with Anonymous allege Symantec tried to "bribe" them to keep their source code private.

"Symantec tried to bribe hackers not to release their source code. Don't they know you can't bribe an idea?" tweeted @YourAnonNews.

But, the emails are more like an extortion attempt.

Yamatough stole Symantec source code and threatened to release the data if they were not paid a large sum of cash. The hackers have also threatened to release the source code for Norton Antivirus Corporate Edition and Norton Internet Security.

Symantec has been busy preparing for the possible security breach and released this statement Tuesday.

Symantec was prepared for the code to be posted at some point, and has developed and distributed a series of patches since Jan. 23rd to protect our users against known vulnerabilities. We have been conducting direct outreach to our customers since Jan. 23rd to reiterate that in addition to applying all relevant patches that have been released, customers should also ensure that pcAnywhere version 12.5 is installed, and follow general security best practices

If customers are unable to adhere to this guidance and have not installed the latest version with current patches, we recommend that they contact pcanywhere@symantec.com for additional assistance.

On Monday, January 23, 2012, Symantec released a patch that eliminates known vulnerabilities affecting customers using pcAnywhere 12.5. On Friday, January 27, 2012, Symantec released a patch that eliminates known vulnerabilities affecting customers using pcAnywhere 12.0 and pcAnywhere 12.1.

We anticipate that Anonymous will post the rest of the code they have claimed to have in their possession. So far, they have posted code for the 2006 versions of Norton Utilities and pcAnywhere. We also anticipate that at some point, they will post the code for the 2006 versions of Norton Antivirus Corporate Edition and Norton Internet Security. As we have already stated publicly, this is old code, and Symantec and Norton customers will not be at an increased risk as a result of any further disclosure related to these 2006 products.

SOMETHING HERE

Comments