The threat from a hacker to Symantec was confirmed to be true by Symantec itself. Symantec told ZDNet Australia the hacker declared itself to be a part of the notorious Anonymous hacktivist group. Symantec had been a victim to the hackers, right on the New Year’s Day.
The person who was claiming to be a part of the Anonymous group threatened Symantec to pay ransom for not exposing the stolen Symantec source code in public. Symantec carried out a secret investigation by taking help from law enforcement and for the purpose of investigation had contacted the hacker. Symantec has not yet revealed the name of the law enforcement as their investigation is still going on.
The conversations between Symantec and the hacker posted Pastebin by the hacker, was as follows:
“Management needs assurances,” Thomas, a representative of Symantec wrote to the hacker.
“If we don’t hear from you in 30 minutes, we make an official announcement and put your code on sale at auction terms. We have many people who are willing to get your code. Don’t f*** with us,” the Hacker replied after waiting for around five days.
“We have a rule — and we always follow it: if you are the owner — you have the right to be the first one asked. That is why we kept silent at the time of negotiating with you,” replied Thomas.
“We stick to the word given, and nothing is going to happen to the code if we complete the deal. Were we not that way, we would have already sold your code to that willing many,” the hacker, known to be named Yamatough tried to persuade.
“How much do you consider enough to pay us in order to work all the issues out? Name the price. Clock’s tikin [sic],” Yamatough added.
“We will pay you $50,000.00 USD total.”
“However, we need assurances that you are not going to release the code after payment. We will pay you $2500 a month for the first three months. Payments start next week. After the first three months, you have to convince us you have destroyed the code before we pay the balance. We are trusting you to keep your end of the bargain.”
“You know how the corporate environment works, and we have to treat this like a business transaction,”
“You will make a public statement on behalf of your group that you lied about the hack (as you previously stated). Once that’s done, we will pay the rest of the $50,000 to your account, and you can take it all out at once. That should solve your problem,”
The hacker was not ready to agree on the last condition so he finally posted on Twitter that the source code for System Works, PCAnywhere, Internet Security and Norton GoBack is now being sold.