Symantec says email exchange took place between Anonymous and law-enforcement agents Company says source code expected to be published next is old
In its original post to website Pastebin.com, Anonymous maintained it discovered information in a hack of India's military computer network
Symantec Corp. (SYMC) is bracing for the release of more purloined source code in coming weeks following the disclosure that an individual claiming to be part of "Anonymous" attempted to extort payment from the company in exchange for not making the code public.
The loose-knit computer-hacking group Anonymous posted a string of emails this week purporting to show Cupertino, Calif.'s Symantec engaged in negotiations with the group to avoid disclosure of the code. Symantec spokesman Cris Paden said the email exchange took place between Anonymous and law enforcement agents, not the company.
Last month, the group published source code stolen in 2006 for Norton Utilities and pcAnywhere. The company anticipates Anonymous will next publish code for the 2006 version of Norton Antivirus Corporate Edition and Norton Internet Security.
"As we have already stated publicly, this is old code," Paden said. "And Symantec and Norton customers will not be at an increased risk as a result of any further disclosure related to these 2006 products."
Norton Antivirus is the leading product in Symantec's $2 billion consumer-software business. It is used by 150 million customers world-wide.
The conflict began a month ago, when Anonymous posted on the Web a Symantec description of how Norton Antivirus worked. Symantec said the 2,700-word document was a general description of the software from 12 years ago and didn't threaten security.
A day later, the group posted software code, which Symantec confirmed was for 2006 versions of enterprise security products.
Around the same time, an individual claiming to be part of Anonymous approached Symantec "saying that if we provided them with money, they would not post any more source code," Paden said. At that point, the company turned over the investigation to law enforcement. Because the investigation is ongoing, the company declined to name the agencies involved.
In its original post to the website Pastebin.com, Anonymous maintained it discovered the information in a hack of India's military computer network. Symantec has declined to comment on where the group found the source code, however, Paden said the company hasn't shared source code for its products with Indian officials.
Last week, Symantec offered free upgrades of pcAnywhere to users of the software who didn't have a version current enough to accept the most recent security updates. The company continues to recommend customers use the most current security products available to ensure protection against threats.
