Leaked Email Exchange Indicates Hacker Group Trying to Extort Money from Symantec

Anonymous has made a Pastebin dump of email exchanges between a Symantec representative called Sam Thomas and Yamatough, the spokesperson of the hacker group Lords of Dharmaraja.

The hacker group is accusing Symantec of ‘bribing’ them in order to prevent the release of the pcAnywhere source code. Looking at the email exchange, however, it seems that the hacker group was in fact trying to extort money from Symantec.

The emails show how Yamatough was trying to extort money through a service called ‘Liberty Reserve’ to an offshore account or to accounts in Lithuania or Libya. Sam instead suggests wiring $1000 through PayPal, which Yamatough declines. Sam then increases the total payment to $50,000, with an initial transfer of $2500 for three months and the rest of the money after they provide enough proof that the source code has been destroyed. At this point, Yamatough becomes suspicious that the FBI is involved and the email exchange stops, even though Sam tries to continue the conversation. You can read the entire conversation in the above link.

In a comment made at Infosec Island, Cris Paden of Symantec confirmed that the email exchange posted was legitimate.

In January an individual claiming to be part of the ‘Anonymous’ group attempted to extort a payment from Symantec in exchange for not publicly posting stolen Symantec source code they claimed to have in their possession. Symantec conducted an internal investigation into this incident and also contacted law enforcement given the attempted extortion and apparent theft of intellectual property. The communications with the person(s) attempting to extort the payment from Symantec were part of the law enforcement investigation. Given that the investigation is still ongoing, we are not going to disclose the law enforcement agencies involved and have no additional information to provide.

Paden also confirmed to Forbes that Sam was in fact an agent trying to get more information out of Yamatough.

“Anonymous has been talking to law enforcement, not to us. No money was exchanged, and there was never going to be any money exchanged. It was all an effort to gather information for the investigation,” he said.

Anonymous has uploaded the leaked source code to torrents. Symantec, however, has reiterated that you are safe as long as you are using the latest version.

You can find additional information about the source leak here.

Published by

Nithin Ramesh

Nithin is a blogger and a Windows security enthusiast. He is currently pursuing Bachelors in Electronics and Communication. Apart from technology his other interests include reading and rock music. His Twitter handle is @nithinr6