On May 4, a group of hackers calling itself “l3g4nd crew” claimed to be in possession of Symantec’s Norton Internet Security 2012 source code. They tried to blackmail the security firm, but Symantec representatives determined that the code was not from their products.
This is not the first time when Symantec is blackmailed by hackers. A few weeks ago, a similar incident took place. At the time, the company sought help from US law enforcement in an attempt to unmask the hacker.
If back then the hackers claimed to be hacktivists that wanted to teach Symantec a lesson, this time the blackmailers seem to be in it purely for the money.
“We would like to inform you that we finally exploited Norton internet security 2012, this exploit made an error in Norton and by mistake exposed its FULL SOURCE CODE, we then checked it several time to be sure, also we would like to tell you that you fool highness inserted a lot of sensitive information in the code,” the hackers wrote.
“We actually disclosed the top secret virus protection technique of Symantec Norton 2012 and we will be publishing it on Monday unless we had a little t$lk, the source code will also be published on several paste websites including this site.”
They threatened that the code would be leaked on Monday, which is today, if their “demand$” were not met.
However, according to Infosec Island, Symantec denies that the source code is from Norton Internet Security 2012. Senior Manager for Corporate Communications at Symantec, Cris Paden, has revealed that the code comes from a “utility designed to keep Microsoft Office 2010 in a perpetual trial mode.”
"The reference to 'Norton' is actually inserted into a hacking program used to execute the utility (back-up copies and files are needed to transfer information as part of the process to get MS office trial mode to run in perpetuity),” he explained.
It’s uncertain at this point if the “l3g4nd crew” only wanted some attention, or it really did believe that it could obtain money from the firm, based on a piece of code whose legitimacy could be easily verified.