Anonymous activists have released source code for PCAnywhere onto the internet, hours after a hacker's negotiations for payment from Symantec broke down. Symantec code exposure turns up danger to pcAnywhere customers.Symantec has released new information and a patch to address the recent code exposure incident. The release followed failed email negotiations over a $50,000 payout to the hacker calling himself YamaTough to destroy the code.
The code was posted on the Pirate Bay file-sharing website on Tuesday at around 5:40am. "Symantec has been lying to its customers. We exposed this point thus spreading the world that ppl need" - #AntiSec #Anonymous Spread and share!" said a statement accompanying the download link on Pirate Bay.
Symantec has stated that users of pcAnywhere are at increased risk. The Symantec website states that, because of the age of the exposed source, "Symantec anti-virus or endpoint security customers – including those running Norton products – should not be in any increased danger of cyber attacks resulting from this incident."
Symantec had taken the extraordinary step of asking customers to stop using the software temporarily until it readied the patches. Symantec released a patch that eliminates known vulnerabilities affecting pcAnywhere 12.0 and pcAnywhere 12.1.At this time, Symantec recommends that all customers upgrade to pcAnywhere 12.5, apply all relevant patches as they are released, and follow general security best practices.
If customers are unable to adhere to these guidelines and have not installed the latest version with current patches, they should contact pcanywhere@symantec.com for additional assistance. Symantec has issued a technical whitepaper containing security recommendations in regard to pcAnywhere.
The hacker has posted segments of code for Norton Utilities and other programs. A software maker's intellectual property, specifically its source code, is its most precious asset.