Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

Symantec admits security source code stolen after network hack

Warns pcAnywhere users they face increased risk, confirms theft of source code of prominent consumer programs

Article comments

Symantec has admitted its own network was compromised having previously denied the source code of some of its flagship security products was stolen.

In a statement provided to Reuters, the security software giant acknowledged that hackers had broken into its network when they stole source code of some of the company's software.

Previously, Symantec had denied that its own network had been breached, and instead pointed fingers at an unnamed "third party entity" as the attack's victim. Evidence posted by a hacker nicknamed "Yama Tough" - a self-proclaimed member of a gang calling itself "Lords of Dharmaraja" - indicated that the information was obtained from a server operated by the Indian government.

Two weeks ago, Symantec spokesman Cris Paden said that the hacker made off with source code of Symantec Endpoint Protection 11.0 and Symantec Antivirus 10.2, enterprise products between five and six years old.

At the time, Paden downplayed the seriousness of the theft.

Yesterday, however, Paden said that source code of Norton Antivirus Corporate Edition, Norton Internet Security, Norton Utilities, Norton GoBack and pcAnywhere, had been stolen.

Some of those - Norton Internet Security and Norton Utilities - are among Symantec's most prominent consumer-grade products.

Symantec missed one bullet, however.

Last Saturday, Yama Tough promised to release more than a gigabyte of the source code for Norton Antivirus - the hacker did not specify which version - but he said the group has since reconsidered.

"We've decided not to release code to the public until we get full of it," Yama Tough wrote on Twitter. "1st we'll own evrthn we can by 0din' the sym code & pour mayhem."

In the message, "0din'" likely stands for "zero-daying," meaning attacks launched against unpatched vulnerabilities.

Also on January 16 Yama Tough claimed that he had some or all of the source code for pcAnywhere, a multi-platform remote access suite that Symantec sells.

"PCAnywhere code is being released to blackhat community for 0d expltin!," said Yama Tough on Twitter.

Paden confirmed Yama Tough's claim when he told Reuters that pcAnywhere users face "a slightly increased security risk" because of the hacker's activities.

"Symantec is currently in the process of reaching out to our pcAnywhere customers to make them aware of the situation and to provide remediation steps to maintain the protection of their devices and information," Paden said.

Paden did not reply to Computerworld's requests for comment on Symantec's revised statement.



Share:

More from Techworld

More relevant IT news

Comments



Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *