Anonymous activists release PCAnywhere source code

Summary: An Anonymous-associated hacker says the source code is for Symantec's PCAnywhere remote access software, and the activist has threatened to publish code for Norton Antivirus 'within seven hours'

Anonymous activists have released source code for PCAnywhere onto the internet, hours after a hacker's negotiations for payment from Symantec broke down.

The code was posted on the Pirate Bay file-sharing website on Tuesday at around 5:40am, and the BitTorrent link was included in a post to the AnonymousIRC Twitter account, which has been used to publicise the activist group's claims in the past.

"Symantec has been lying to its customers. We exposed this point thus spreading the world that ppl need" - #AntiSec #Anonymous Spread and share!" said a statement accompanying the download link on Pirate Bay.

The security company told ZDNet UK the source code was bona fide on Tuesday.

"Symantec can confirm that the source code is legitimate," the company said. "It is part of the original cache of code for 2006 versions of the products that Anonymous has claimed to have been in possession during the last few weeks."

"Be advised, we also anticipate Anonymous to post the rest of the code they have claimed have in their possession. So far, they have posted code for the 2006 version of Norton Internet Security and PCAnywhere. We also anticipate that at some point, they will post the code for Norton Antivirus Corporate Edition and Norton Systemworks."

The appearance of the PCAnywhere code follows the failure of negotiations between a purported Symantec employee called 'Sam Thomas' and a hacker called 'YamaTough', who claimed to be a member of the Lords of Dhamaraja activist group, which is associated with Anonymous. In an email exchange posted on Pastebin, YamaTough appeared to be blackmailing Symantec for cash to destroy stolen source code, and Symantec appeared to offer YamaTough $50,000 to do it.

However, the hacker claimed in a Tweet that he merely tricked Symantec into "offering a bribe", while the security company said the 'Sam Thomas' emails came from a fake account to investigate the "extortion" attempt.

"The communications with the person(s) attempting to extort the payment from Symantec were part of [a] law enforcement investigation," Symantec said in a statement on Monday. "Given that the investigation is still ongoing, we are not going to disclose the law enforcement agencies involved and have no additional information to provide."

The email discussions between the two broke down on Monday at 10:46pm, and YamaTough said in a Tweet at around 11:45am on Tuesday that source code for Symantec's flagship Norton Antivirus would be released "in 7 hours".

YamaTough claims to have access to source code for PCAnywhere, Norton Antivirus, Norton Internet Security, Norton GoBack, Norton Utilities and Norton SystemWorks code, and has said that code is now up for sale.

Access to source code allows hackers to find vulnerabilities and write exploits more efficiently than reverse engineering. Last week Symantec said it had patched its PCAnywhere remote-access software to fix vulnerabilities, after warning customers not to use older versions following the theft of code.

The PCAnywhere warning came after Lords of Dhamaraja claimed to have accessed Indian military intelligence servers and found the Symantec code, a claim that was later called into doubt. Symantec said the source code leak came from a 2006 hack.

Tom Espiner

About Tom Espiner

Tom is a technology reporter for ZDNet.com. He covers the security beat, writing about everything from hacking and cybercrime to threats and mitigation. He also focuses on open source and emerging technologies, all the while trying to cut through greenwash.

Talkback

4 comments
  • If what Symantec is saying is true, that is even worse and shows a complete disregard for their users.

    If what Anonymous claims is true and the source code leak is the result of a recent hack, be it an Indian military site or Symantec's own site is immaterial. Symantec claim that they have just released patches and are notifying users. Full cred to Symantec.

    However what Symantec are effectively saying is that the source code was leaked and been in the hands since 2006, leaving their users unsecure for the past 6 years with no announcement or patch from Symantec.

    As for negotiating with the hackers, it would be very naive to think they would destroy all copies. The only thing Symantec could hope for is their silence on a 6 year old leak which does not look good for Symantec.
    anonymous
  • The thing that has been puzzling me for quite a while is how Anonymous can remain anonymous whilst not only being active on the Internet but also communicating about their activities openly. Surely there must be an electronic trail to follow. They surely can't be completely invisible in this day and age. After all everything is pretty much known about all the rest of us, courtesy of the Internet.

    As to this recent exchange of emails, was this a publicity stunt or was YamaTough just playing round with Symantec?
    The Former Moley
  • It's actually far easier to work anonymously on the internet than you think. With tools like Tor bouncing your traffic around the world before hitting your target it's practically impossible to dig deep enough to find the actual source. Then there's the plethora of open wifi spots around the world that you can connect to and do your nefarious deeds without risk. Using a MAC cloning tool you can basically disguise your computer's hardware address at will to keep from being tracked. The different ways to hide yourself are so numerous that it would be impossible to even outline them all in a post. It won't be long (really it's already here) before we have disposable computers. Use it, toss it so it's not traced back to you.
    naviathan@...
  • It simultaneously worries me and uplifts me that a self-proclaimed group of internet activists name themselves after Indian mythical figures. Uplifts me since I see them fighting for an open web and against corporate dominance and undue profiteering, and worrying because in the context of present laws, it would appear that much of what they are can be seen as illegal. Is this the beginning of the great war between the corporates and monopolists and the individual that sci-fi classics are built around?
    subhorupd