Hackers in India Leak Symantec Source Code
A hacker group based out of India has acquired the source code to Norton Antivirus.
Last night Imperva sent along an email stating that hacker group Lords of Dharmaraja is threatening to release the source code of Symantec's flagship product, Norton Antivirus. The group's original threat posted on Pastebin is now gone, but a Google cached version claims that the source code was retrieved during a hack of India's military and intelligence servers.
"As of now we start sharing with all our brothers and followers information from the Indian Military Intelligence servers, so far we have discovered within the Indian Spy Programme source codes of a dozen software companies which have signed agreements with Indian TANCS programme and CBI," the group states.
"Now we release confidential documentation we encountered of Symantec corporation and it's Norton AntiVirus source code which we are going to publish later on, we are working out mirrors as of now since we experience extreme pressure and censorship from US and India government agencies," the group adds.
Security firm Imperva indicated that there's a good chance the group actually did retrieve the source code from the Indian military, as many governments require source code from vendors to prove that the software isn’t really spyware. But the company also points out that the hackers could have easily retrieved the code by gaining access to a test server that was mistakenly exposed or a link to an FTP that was unintentionally made public.
"If the rumors turn out to be true, the implications of the anti-virus code leakage will not keep the Symantec folks awake too late at night, and certainly not their customers," Imperva said. "After all, there isn’t much hackers can learn from the code which they hadn’t known before."
That's because most of the antivirus product is based on attack signatures. By basing defenses on signatures, malware authors continuously write malware to evade signature detection. Even more, malware versions continuously evolve, making it hard for firms like Symantec to stay one step ahead.
"The workings of most of the anti-virus' algorithms have also been studied already by hackers in order to write the malware that defeats them," the blog explained. "A key benefit of having the source code could be in the hands of the competitors. If the source code is recent and hackers find serious vulnerabilities, it could be possible to exploit the actual anti-virus program itself. But that is a big if and no one but Symantec knows what types of weaknesses hackers could find."
After word began to spread about the source code leak, Symantec released a statement, confirming that a segment of Norton's source code used in two of the older enterprise products has been accessed, one of which has been discontinued.
"The code involved is four and five years old," the company said. "This does not affect Symantec’s Norton products for our consumer customers. Symantec’s own network was not breached, but rather that of a third party entity. We are still gathering information on the details and are not in a position to provide specifics on the third party involved. Presently, we have no indication that the code disclosure impacts the functionality or security of Symantec’s solutions. Furthermore, there are no indications that customer information has been impacted or exposed at this time."
Symantec said that it is working to develop a remediation process to ensure long-term protection for its customers’ information. "We will communicate that process once the steps have been finalized," Symantec said. "Given the early stages of the investigation, we have no further details to disclose at this time but will provide updates as we confirm additional facts."
- Crucial Announces Adrenaline SSD Cache Drive
- Former Microsoft Chief Architect Ray Ozzie Starts New Company
- Lenovo Shows New Thinkpad and Thinkpad Ultrabook
- AMD Radeon HD 7000 Series OEM Models Revealed
- The Winners of Our Asus X79 System Design Challenge
- Linux 3.2 Now Available
- OCZ's Deneva 2 mSATA SSD Approved for Intel Ultrabooks
- Enter to Win the Nvidia Tegra 2-powered Sony Tablet S
- Microsoft Flight Will Offer Free-To-Play Model
- Thermaltake Releases New Frio Extreme CPU Cooler
- Crysis 2 Wins Title of Most Pirated Game of 2011
- It Was A Record Year for Steam, Claims Valve
- Galaxy Nexus to Arrive in White for UK Next Month
- Apple Patents Point to Thunderbolt on iOS Devices
- Gorilla Glass 2 to Debut at CES: The Tough Gets Stronger
- Thermaltake, BMW Designworks Make the Level 10 M Mouse
- Scientists Propose Kinect-like 3D Camera for Cellphones
- Lenovo Unveils New Smart TV, IdeaTab and S2 Smartphone
I thought they were all busy calling my place claiming to be working for microsoft and trying get me to install remote control software.
who would want the source code for some of the worst antivirus software? That's like wanting dog DNA so you can figure out how it makes poop.
I hope they release it... maybe someone will come along and improve it then.
Norton AV has come a long way. It is far from the worst. More like a top 5 AV now.
making poop is big deal man
ha source code more like a virus that has been making computers crawl since the mid 1990's
who would want the source code for some of the worst antivirus software? That's like wanting dog DNA so you can figure out how it makes poop.
Why do people keep this up? Do people think it makes them look important to not keep current?
Yes, a few years ago Norton had a bad reputation for being bloated and taking up cycles and memory. However, they did rebuild their products and they run very lean and catch almost everything thrown at them. They are always at the top of independent reviewers in both how little memory and CPU time they take up as well as what they detect.
the title says "Leak" while the first sentence says "threatening to release"
It would be interesting to see a malware that exploits an AV software's vulnerabilities to gain control of the computer. Talk about irony.
who would want the source code for some of the worst antivirus software? That's like wanting dog DNA so you can figure out how it makes poop.
Norton AV isn't like it what used to be in the past. If it's still a piece of junk, it would've withered away from competing AV softwares and the relentless flood of malware.
As others have said before....
Poop...
'Accidentally' leaving someone on the network for someone to find is often referred to as a honey pot. Government departments don't make a habit of leaving servers full of valuable code open and unmonitored just at random. I agree it does happen, but the likelyhood of something being that substantial may only be some mock code that was left there as bait for network intruders. This is common policy for network security protocols.
It would be interesting to see a malware that exploits an AV software's vulnerabilities to gain control of the computer. Talk about irony.Norton AV isn't like it what used to be in the past. If it's still a piece of junk, it would've withered away from competing AV softwares and the relentless flood of malware.
Norton has build itself based on marketing and branding much like Monster Cable and BOSE.
If you ask a Joe or Jane what AV software they'll recommended and Norton is the first thing that pops into their heads.
Hey, maybe the open source community can improve it. They certainly can't make it any worse.
All this hate for Norton is funny. NAV is a top 3 product at this point. I run NIS 2012 and it's light on resources and catches anything and everything sent my way. It's really going to "wither away" as someone said...right. The past 2 companies I've worked for have run their corp editions.
who would want the source code for some of the worst antivirus software? That's like wanting dog DNA so you can figure out how it makes poop.
I'm not sure that made sense but damn it sounded funny.
I actually believe them. Won't be surprised if Government servers got hacked.
And to be honest, i believe that symantec is right, it must be a few years old. I have faith in my Government
BTW, no norton is pretty good actually. Have been running 360/NIS for three years now, it's great. Even runs on and old IBM thinkpad with a pentium M without any issues. Stalled my p4 though!
However, it's overpriced, so i doubt i'm going to renew my licence next year.
I bet those hackers were shocked to find source code from both prime95 and memtest within the Norton source code.
if user has any free memory
then allocate all free memory for temp storage of calculated prime numbers
//classic Norton's
I agree, Norton is a good product. Branding is not a bad thing - look at Apple. They market an experience. So too does Symantec. A trouble-free experience for most users. Save for the dumb ones (like some that have posted above with outdated comments!). If you prefer to get your AV from Chinese, Romanian, Finnish and UK companies GREAT, all the power to you. I will stand behind a US company any day - and especially one with a solid reputation like Symantec.
I agree, Norton is a good product. Branding is not a bad thing - look at Apple. They market an experience. So too does Symantec. A trouble-free experience for most users. Save for the dumb ones (like some that have posted above with outdated comments!). If you prefer to get your AV from Chinese, Romanian, Finnish and UK companies GREAT, all the power to you. I will stand behind a US company any day - and especially one with a solid reputation like Symantec.
What about MSE? Microsoft's based in Seattle, MSE is nice and light and effective and free, what more could you want?
Protection, which is why you use ESET NOD32.
Symantec: Nothing to see here.. move along, move along..
A lot of comments on versions Norton admits werent the most efficient, but since 2009 they have turned the other direction and lightened the client up to the point of night and day. Newer versions are much faster/lighter and work much better than the past. Something companies that competed like McAfee cant say.
Problem is you have a lot of new companies that claim to be better at it and sometimes are, but dont have the track record to back it up or the countries they hail from being very friendly to other nations. It pays to look behind the product to see who is producing the product and how much faith you can put in them. For me, I cant say I trust many of them, just glad at least for now Norton is a good product to go with, otherwise I guess your basic/good free version of Microsoft Security Essentials is where it is at.
who would want the source code for some of the worst antivirus software? That's like wanting dog DNA so you can figure out how it makes poop.
I don't know which hole you crawl out from...year 2000??? NIS is one of the best and speediest Internet Protection Suite around. You must be still using Windows XP and the old bloated Norton back in early 2000 or something.
I don't see an immediate fallout from this, or even in the long-term. Source code is of limited use anyway.
All this hate for Norton is funny. NAV is a top 3 product at this point. I run NIS 2012 and it's light on resources and catches anything and everything sent my way. It's really going to "wither away" as someone said...right. The past 2 companies I've worked for have run their corp editions.
its a top product because it ships with almost every computer. then when the user finds out how bad it is they remove it and install a better AV
its just like intel being the leader in GPU sales because new computers include integrated graphics on there mobos
Regardless whether the claims of Norton "turning around" are true or not, paying for AV software is absurd, only displaying one's lack of knowledge by doing so (excluding the company level).
its a top product because it ships with almost every computer. then when the user finds out how bad it is they remove it and install a better AVits just like intel being the leader in GPU sales because new computers include integrated graphics on there mobos
Another one who just crawled out of the cave of Afghanistan....Please read up some reviews before showing your ignorance again.
Regardless whether the claims of Norton "turning around" are true or not, paying for AV software is absurd, only displaying one's lack of knowledge by doing so (excluding the company level).
Going by your logic, paying for OS or any other software also absurd when we can pirate it. Yeah, you're da man.
Another one who just crawled out of the cave of Afghanistan....Please read up some reviews before showing your ignorance again.
ignorance? i think not. you know they count those trial versions that come pre-installed on new PC's as sales. they are the kind of company that would do that sort of thing
We're not talking about how many sales it does. We're talking about the quality of the product. And NIS delivers. There's a reason why it is constantly getting good reviews the last few years. So what if it comes with trial version on new PCs?? This will automatically makes it a bad product??? :x By this logic than all the Windows 7 which comes pre-installed also sucks. You better use Linux then.
where the hell do you get me saying trial version=bad product? whatever you are smoking i want some.
the only way this is a considered a good product is because norton and mcafee are the only 2 AV's that come with new PC's so joe blow doesn't know about anything else. if ESET or kaspersky had the same kind of deal then norton would be considered one of the worst