A group ofhackers who call themselves theLords ofDharmaraja, (and isassociated withAnonymous) have published the source code of Symantec, a digital security firm know forthe Norton antivirus program and pcAnywhere, raising concerns that others could exploit thesecurity holes and try to control the users computer.The release of the source code came after the 'extortion' attempt failed as Symantec did notcomply with their numerous deadlines.Negotiations through email messages between a representative of the hacker group,YamaTough, and someone from Symantec were also released online. The exchange ofmessages are about Symantec's offer to pay USD 50,000 for the hackers to stop disclosing thesource code and announce to the public that the whole Symantec hack was a fake, which madethem a subject ofmockery for appearing to buy protection.Both sides admitted that their participation was just a trick.The hackers denied any extortion aim, saying that they never intended to take the money andwere going to publish the source code whatever happens; they simply want to humiliate them sothey played along. While Symantec said that they are not actually the one in communicationwith the hacker, but a law enforcement agent.The long negotiation worked to the favor of Symantec as they have been able to come up withpatches to theirNorton and pcAnywhere programs. Symantec has advised their users to stopusing the softwares in the meantime until they have issued more patches for them.Symantec released a statement saying that they have always been prepared for the leak of thesource code so they've made and distributed hotfixes on January to secure their users.The drawn-out negotiation is an obvious sign of a law enforcer on the other line. Delaying tacticsis one of their assets to obtain insight into the enemy. More importantly, it will create moretransactions where paper trail will be left along the way -- utilizing persons who have beeninvolved in the process and the records themselves to trace the suspects.It has been a common ploy of investigators like the FBI who deal with kidnappers orextortionists to break down the amount into several smaller payouts
Since 2006, Symantec has already suspected there has been a network breach but they werenot able to verify any data pilfering until recently when the hackers threatened them to releasethe source code of Norton.There are further reports saying that the source code of Symantec was stolen from servers of India's intelligence and military department. (They alleges that Symantec has previously givenIndia the code to guarantee the government that they contain no malicious program.) However,this was denied by Symantec -- they have already admitted that the theft happened in their ownservers and network.The security firm formerly said that the Indian group was also the one responsible for the 2006breach but retracted it today. They are now saying they're not sure who stole the source code in2006 and how they managed to get their hands on it.