
Hackers expose Norton's Antivirus source code



Hackers have exposed the source code of the 2006 version of Symantec's anti-malware product Norton Antivirus, an information security enthusiast site said.

Infosec Island said a hacker with the handle YamaTough provided it a copy of the file, which Symantec confirmed to contain a segment of its source code.

"Symantec can confirm that a segment of its source code has been accessed. Symantec’s own network was not breached, but rather that of a third party entity," it quoted Cris Paden, Senior Manager for Corporate Communications at Symantec, as saying in an email to it.

Paden also said his team is "still gathering information on the details" and is "not in a position to provide specifics on the third party involved."

He also said they have no indication at present that the code disclosure affects the functionality or security of Symantec’s solutions.

"Furthermore, there are no indications that customer information has been impacted or exposed at this time," he added.

Infosec Island noted that while the code is for an older version of the Norton antivirus product, several questions remain:

- As the file provided by the hacker was merely a sample of the material YamaTough claimed to have, does that mean that code for more recent editions has not been compromised as well?
- What was the "third party" – presumably some entity related to the Indian government – doing in possession of the source code for the Symantec product?
- How much information would source code from 2006 provide to malware authors, assuming that the entire product has not been reinvented from scratch since the time this code was produced?

A separate article by computer security firm Sophos' senior technology consultant Graham Cluley said an Indian hacking group, calling itself the Lords of Dharmaraja, threatened to publicly disclose the source code online.

Cluley said there have been two claims related to Symantec's source code so far. The first was a document claiming to be confidential information related to Norton AntiVirus's source code, which was posted on Pastebin.

"Symantec says it has investigated the claim, and that – rather than source code – it was documentation dated from April 1999 related to an API (application programming interface) used by the product," Cluley said.

Also, the hacking group shared source code related to what appears to have been the 2006 version of Symantec's Norton Antivirus product with journalists from Infosec Island.

He said the hacker, YamaTough, posted the content to PasteBin and subsequently published messages on Google+ about the alleged breach.

"The content on PasteBin has since been removed, and Yama Tough's Google+ posts deleted. The hackers claim that it is working on creating mirror sites for its content, as it has felt being pressured and censored by US and Indian government agencies," Cluley said.

He said it is possible the data leak may have occurred on Indian government servers and the implication is that Symantec, and perhaps other software companies, may have been required to supply their source code to Indian authorities.

"Even if it was up-to-date source code, it may be of limited use to hackers and be used more as a 'trophy scalp' for a hacking group attending to generate publicity for its grievances with the Indian authorities," he said.

— LBG, GMA News