Depending on who you talk to, Anonymous is either a righteous crusader out to expose corporate corruption by baiting a computer security company into offering it a bribe, or a vicious criminal syndicate using stolen data to extort money. As the story of how Norton Antivirus maker Symantec may have offered -- or may have been pressured into offering -- Anonymous money makes its way into the mainstream press on Tuesday, the latter version dominates. What started as another Anonymous prank to make a tech giant look bad now looks like either a very real extortion attempt or, at best, a PR stunt that blew up in the hackers' faces.
The whole thing started on Monday, when Anonymous posted on its Twitter account a link to a Pastebin posting that details a conversation apparently between a Symantec employee named Sam Thomas and a hacker named YamaTough, in which Thomas offers YamaTough $50,000 to keep him from releasing the PCAnywhere source code. A few hours later, the account @YourAnonNews posted a link to a torrent making the source code available. The damage was done, the code was out, and that's when the PR battle began.
Symantec, which has previously acknowledged hackers made off with some of its source code, said on Tuesday that Thomas was not an employee, but rather a member of law enforcement that the company called when it realized it was getting blackmailed by YamaTough. YamaTough's a part of the Indian hacking group Lords of Dharmaraja, which accessed Symantec's code in early January. He was working with Anonymous in this case. The emails in the Pastebin document show that he expected to get paid, and that "Thomas" wanted to pay him. One in which Thomas swears not to be FBI reads, in part:
We can't pay you $50,000 at once for the reasons we discussed previously. We can pay you $2,500 per month for the first three months. In exchange, you will make a public statement on behalf of your group that you lied about the hack (as you previously stated). Once that's done, we will pay the rest of the $50,000 to your account and you can take it all out at once. That should solve your problem.
But as the story got picked up in the press over the course of the day, Symantec's own claim that the hack was an extortion attempt started making its way into the headlines: "Anonymous Hackers Tried to Blackmail Symantec," reported Fox News. Symantec says Hackers Tried Extortion," reported The New York Times Bits blog.