Symantec code theft: Hackers 'attempted extortion'

Symantec headquarters
Image caption FBI investigators posed as a Symantec employee trying to negotiate with hackers

Hackers tried to extort money in exchange for keeping source code private, security firm Symantec has said.

It comes as hackersmade publicemails from law enforcement agents posing as a Symantec employee.

Officials pretended to be the security firm in order to "offer" the hackers $50,000 (£32,000).

However, more source code has allegedly been released after negotiations apparently broke down.

Symantec said it had contacted US law enforcement after being approached by the hackers last month.

In a lengthy series of emails, law enforcement agents posed as a fake Symantec employee named Sam Thomas.

The character was involved in lengthy email discussions with hackers believed to be from India-based group the Lords of Dharmaraja, part of the wider Anonymous collective.

Agents, posing as Sam, told the hackers: "We can pay you $2,500 per month for the first three months.

"In exchange, you will make a public statement on behalf of your group that you lied about the hack (as you previously stated).

"Once that's done, we will pay the rest of the $50,000 to your account and you can take it all out at once. That should solve your problem."

At one point, the hackers suspected FBI involvement, writing: "say hi to FBI agents".

Stolen code

By the end of the email discussion, negotiations began to stall.

At 04:46 GMT on Tuesday, an account belonging to Anonymous suggested that more than a gigabyte of source code from the company's PC Anywhere software had been uploaded to torrent website The Pirate Bay.

Symantec would not confirm that this was the case.

Image caption Symantec has released advice for businesses that rely on its PC Anywhere software

"In January an individual claiming to be part of the 'Anonymous' group attempted to extort a payment from Symantec in exchange for not publicly posting stolen Symantec source code they claimed to have in their possession," the company said in a statement.

"Symantec conducted an internal investigation into this incident and also contacted law enforcement, given the attempted extortion and apparent theft of intellectual property.

"The communications with the person(s) attempting to extort the payment from Symantec were part of the law enforcement investigation.

"Given that the investigation is still ongoing, we are not going to disclose the law enforcement agencies involved and have no additional information to provide."

At risk

Last month, users of PC Anywhere software were told by the company to disable its use where possible.

The company confirmed that "old" source code stolen by the hackers had exposed vulnerabilities in the program which allows remote access to computers.

Other programs affected include Norton Antivirus Corporate Edition, Norton Internet Security and Norton Systemworks (Norton Utilities and Norton Go Back).

However, only PC Anywhere is said to be at risk. Symantec has beenreleasing patches and further information via its website.

More on this story

Related Internet links

The BBC is not responsible for the content of external Internet sites