Both YamaTough and Symantec claimed that the negotiations had been a ruse on both sides, with neither actually negotiating in good faith. The hacker said he had always intended to release the source code, and Symantec said its participation had been under the direction of law enforcement.
In mid-January, Symantec admitted that 2006-era source code for Norton Antivirus Corporate Edition, Norton Internet Security, Norton SystemWorks (Norton Utilities and Norton GoBack), and PCAnywhere had been stolen from its own servers. Earlier, it said the theft had taken place from Indian military servers.
While the stolen source code for its security products was dismissed as being of obsolete code, in late January Symantec took the extraordinary step of telling its customers to stop using its pcAnywhere software, the theft of the source code of which the company had at first said only "slightly increased security risk."
The email exchange released by the hacker shows convoluted negotiations between himself and a purported Symantec employee named Sam Thomas, beginning on January 18. The exchange could have been an attempt to lure the hacker into making a mistake, such as accepting a payment in a manner that could be easily traced.
It could also have been a delaying tactic. Symantec issued patches for "known vulnerabilities" in version 12.5 of pcAnywhere on January 23 and patches for versions 12.0 and 12.1 on January 27.
YamaTough said he was the one luring Symantec into a trap. He said, "We tricked them into offering us a bribe so we could humiliate them."
Just who was tricking who will probably never really be known.