Symantec Confirms Extortion Attempt

By: Shawn Hess - February 7, 2012

Hackers using the Twitter Handle @YamaTouigh have been tweeting about Symantec and its Norton antivirus product throughout January claiming that they will be releasing the source codes for the security product. Earlier this week Symantec confirmed that they have been the victims of an attempted extortion by @YamaTough, who claims to be affiliated with the ‘anonymous’ group.

A Symantec representative commented on the attempt:

In January an individual claiming to be part of the ‘Anonymous’ group attempted to extort a payment from Symantec in exchange for not publicly posting stolen Symantec source code they claimed to have in their possession. Symantec conducted an internal investigation into this incident and also contacted law enforcement given the attempted extortion and apparent theft of intellectual property. The communications with the person(s) attempting to extort the payment from Symantec were part of the law enforcement investigation. Given that the investigation is still ongoing, we are not going to disclose the law enforcement agencies involved and have no additional information to provide”.

Here are some segments from the impatient ‘Anonymous’ @YamaTough hacker as he negotiates the $50,000 demanded payment from a Symantec employee:

“If you are trying to trace with the ftp trick it’s just worthless. If we detect any malevolent tracing action we cancel the deal. Is that clear? You’ve got the doc files and pathes [sic] to the files. what’s the problem? Explain.”

“If we dont hear from you in 30m we make an official announcement and put your code on sale at auction terms. We have many people who are willing to get your code. Dont f*** with us.”

Apparently, the Hackers were on to Symantec for contacting higher authorities but never the less continued in their negotiations until they finally cut contact with the Symantec employee who claimed they needed more time:

“Since no code yet being released and our email communication wasnt also released we give you 10 minutes to decide which way you go after that two of your codes fly to the moon PCAnywhere and Norton Antivirus totaling 2350MB in size (rar) 10 minutes if no reply from you we consider it a START this time we’ve made mirrors so it will be hard for you to get rid of it.”

Symantec insists that users of their products are not under any significantly higher risk of attack due to the theft however; Symantec asked its PCAnywhere users to disable the product until the company could issue a software update. They assure clients that this will protect them against attacks resulting from the theft of the source code.

Shawn Hess

About the Author

Shawn HessShawn Hess is a staff writer for WebProNews and an expert procrastinator. Follow Shawn on Twitter, on StumbleUpon, and .

View all posts by Shawn Hess
  • light

    ERecently, It’s getting even worse. Symantec is criminal & breaking the law. I can’t believe Symantec indulge David Freer & Suzy Walsham to get my person info through HR dept. for their own personal purposes, which is toally violating the privacy law. (as I have worked for Symantec before). As I called to Symantec headquarter & talked to legal Mona Ramamurthy & sent an email to all the management team (as they can’t pretend they didn’t know about it) and got no responses at all. What is Symantec management team’s thinking? What makes them to think they could break the law BOLDLY? Is US a legal & civilized country or what? Or Symantec thought they could just hide behind hundred of lawyers’ back and as one solo person I can barely hurt them at all? I wish President Obama would know this. Then he can tell the chairman & CEO of Symantec, Enrique Salem, the same words as he told Congressman Anthony Weiner “If I was him, I would resign” from Obama’s management advisory. I wish Symantec shareholders would know this, so they can sell the stocks to show their disagreement with their RUDE & ILLEGAL behaviors. I wish the press would start investigating this. Thank you.

  • light

    David Freer (VP, Symantec Consumer Business Units – Norton, APJ) is a BIG LIAR! He lied to me for more than two and half years for my true feelings, time, and money. Also kept saying I am the only one in his life. Even this year on Feb. 2, he used company line to lead me to have phone sex with him. Until I found out there’s some other woman, he made up another lie and finally admitted he’s been living with her for a year. Later, I realized they were all lies. He actually has married March 2009. And now he just totally disappeared and not answering any phone calls, acting like “hit & run” irresponsible baby. Can you trust someone like this, with no ethics and integrity? The more unbelievable things is David Freer newly-wed wife – SUZY WALSHAM, she shamefully admitted she was the third person who broke up David Freer & his ex 12 years relationships, and mocking at me as the 3rd “unsuspected” person, as she agreed with his husband’s behaviors!!!!!! SHAME ON both of you, DAVID FREER & SUZY WALSHAM!!!!!!! (THEY BOTH WORK FOR SYMANTEC and when they met, they were boss-staff relationships. Obviously, Symantec didn’t mind paying checks & job offer for managements to support their mistresses, as David Freer was living with his long-time girlfriend.)

  • light

    Taiwan Supreme Court, Singapore Police Dept & Taiwan lawyers committee has offically started the investigation!!!! (As two poor & stupid lawyers have involved to use the illegal info proividing by David Freer & Suzy Walsham to against me, they are facing the investigating, due to violating the lawyers ethics and law, which might cost them to lose their licences).I have talked to my lawyers and haven’t decided whether I shall sue Symantec US or Symantec Singapore for better result. As I don’t care about the compensation (I am sure it’s only a drop in the bucket to Symantec), all I want is Symantec fire the trouble makers or ask them to leave, as Obama asked Anthony Weiner. The worst thing I want to see is the poor & stupid HR to be put behind the bar. There are already many innocent people been dragged into the incident. Yes, you can tell a person through his associates and friends. People shall know this is the way how current CEO running the business. Of course, you cannot trust Symantec. David Freer even hacked into my email account and cc copy emails to my pastor. I’ve reported this to Symantec, they didn’t care. Can you believe it? Just can’t figure out what kind of message Symantec tried to send to the public? We are criminals? We are good at breaking the law? No one can stop us? At the same time we position us as Cyber Police and people buy it???

  • light

    Seriously, I can’t believe most media today believe what Symantec says. US$50,000 is a lot to Symantec? I don’t think so. Symantec is an ethical company, so refused to be brided? I don’t think so. It’s clearly a terrible terrible PR campaign, but the media buy the statement, especially like Retuers, who won’t even allow me to post different points of views. Sadly. Considered the embarassments that previously Symantec told Pcanywhere customers to stop using their products, considered what they just announced 1B stock buy back program, consider today’s stock price’s falling, $50,000 is way too CHEAP! Who is the so called law enforcement agent? It’s not the first time Symantec lies and what I don’t understand is why most media just simply copy & paste Symantec’s statement. Do some investigation or at least don’t downgraded yourselves as Symantec’s spokespersons FOR FREE. Sad!

  • Steven G

    Why on earth would you use PC Anywhere when PC computers running windows already have remote desktop access that does the same thing as PC Anywhere does? If you need a secure connection, you can always create a secure VPN to encrypt. Apps that do things that the computer already does is a waste of money.

  • Santra

    Symantec told YamaTough it could not wire the entire amount at once and promised to pay in installments so the hacker wouldn’t publish the source code after being paid.