Hackers Demanded $50,000 to Sit on Stolen Symantec Source Code

According to email transcripts posted to Pastebin yesterday, and confirmed by the company, a group of hackers attempted to extort $50,000 from Symantec in exchange for not releasing its stolen PCAnywhere and Norton Antivirus source code.

The emails between Symantec employee Sam Thomas and the hacker(s) Yamatough, began in January. Symantec confirmed in a statement that it had contacted law enforcement after confirming the theft of the code and that the email exchange was, in fact, part of a criminal investigation.

The conversation lasted weeks before eventually breaking down—the two sparring over proof that Yamatough really did posses the code, assurances that it would be destroyed after the transaction was completed, and discussion on how to actually move the money to Liberty Reserve, a Costa Rican payment processing company. The email thread ended yesterday with Yamatough threatening to immediately release the code:

Since no code yet being released and our email communication wasn't also released we give you 10 minutes to decide which way you go after that two of your codes fly to the moon PCAnywhere and Norton Antivirus totaling 2350MB in size (rar) 10 minutes if no reply from you we consider it a START this time we've made mirrors so it will be hard for you to get rid of it.

Thomson requested more time to comply with the demands. Yamatough has since announced that it will delay the release. [Pastebin via CNet]

Image: mmckeay