Sign in with
Sign up | Sign in

Symantec Confirms Hackers Breached Network in 2006

By - Source: Reuters | B 15 comments

Symantec now admits that hackers accessed its network back in 2006 and stole the source code to numerous products.

Symantec spokesman Cris Paden said on Tuesday that unknown hackers breached its network back in 2006 and obtained the source code to Norton Antivirus Corporate Edition, Norton Internet Security, Norton Utilities, Norton GoBack and pcAnywhere. The news follows the release of Symantec's Norton Utilities source code on Friday by a hacker associated with Anonymous and Lords of Dharmaraja.

Previously Symantec said that some of its code had been lifted from the server of a third party, but after a thorough investigation, the security firm has discovered that its network had indeed been compromised after all. The only real threat at this time resides with customers using pcAnywhere, Symantec's software that facilitates remote access of PCs.

"Symantec is currently in the process of reaching out to our pcAnywhere customers to make them aware of the situation and to provide remediation steps to maintain the protection of their devices and information," the company reports.

The story regarding Symantec's leaked source code began just after the new year when hacker group Lords of Dharmaraja threatened to release the source code to Norton Antivirus. The group's original threat posted on Pastebin is now gone, but a Google cached version claims that the source code was retrieved during a hack of India's military and intelligence servers.

"As of now we start sharing with all our brothers and followers information from the Indian Military Intelligence servers, so far we have discovered within the Indian Spy Programme source codes of a dozen software companies which have signed agreements with Indian TANCS programme and CBI," the group stated.

Later Symatec admitted that it previously offered up the source code of its products in compliance with the Indian government so that officials could make sure the software didn't contain spyware or other malicious programs. Save for the firm's current caution with pcAnywhere as revealed on Tuesday, Symantec wasn't too worried about a possible code leak given the stolen software is six years old.

Yet that very factor may be why Lord of Dharmaraja and Yama Tough have resigned from releasing the Norton Antivirus source code on Tuesday. According to a Twitter post by Tough, they have decided not to go public with the 1.7 GB of source code "until we get full of it."

"1st we'll own evrthn we can by 0din' the sym code & pour mayhem," he said via Twitter.

There's speculation that Tough is referring to "zero daying," meaning that a surprise attack on the software could be in the works instead of an actual code release.

Ask a Category Expert

Create a new thread in the News comments forum about this subject

Example: Notebook, Android, SSD hard drive

This thread is closed for comments
Top Comments
  • 17 Hide
    house70 , January 18, 2012 2:09 PM
    Yes, a company that admits to a security breach "only" about 6 years later sounds very trustworthy...
Other Comments
  • 6 Hide
    Inferno1217 , January 18, 2012 2:08 PM
    2006 and they are just now admitting this? I always steer clear of Symantec products. There are far better solutions out for consumers.
  • 17 Hide
    house70 , January 18, 2012 2:09 PM
    Yes, a company that admits to a security breach "only" about 6 years later sounds very trustworthy...
  • Display all 15 comments.
  • 4 Hide
    cryogenic , January 18, 2012 2:22 PM
    Goodbye Symantec, it was nice knowing you! (sarcasm)
  • 0 Hide
    svdb , January 18, 2012 5:05 PM
    That's right, it's far better to trust all your sensitive data to a AV/FW made buy a small company in the Czech Republic! ;) 
  • 0 Hide
    jprahman , January 18, 2012 5:07 PM
    @jacekring Keep in mind that this hacker group is based in India, and English probably isn't their 1st language, so I wouldn't doubt their intelligence just because of their English skills. And BTW, it's script kiddie, not tool boy.
  • 1 Hide
    captaincharisma , January 18, 2012 10:26 PM
    symantec proving once again why they are one of the worst computer companies ever. if anyone thinks norton is better than the rest then you obviously never tried anything else and are just ignorant
  • 0 Hide
    freggo , January 19, 2012 2:27 AM
    "The only real threat at this time resides with customers using pcAnywhere"

    Good to know that only their "PC remote access" software may be compromised.;
    Some security company you've got there, boys :-)


  • 0 Hide
    Dacatak , January 19, 2012 2:37 AM
    This is worrisome considering Symantec now owns VeriSign.
  • 1 Hide
    cyberscan , January 19, 2012 7:21 AM
    The only Norton product that I use is Norton Power Eraser. This piece of software is excellent for the one time removal of malware such as rootkits. Have not needed to use this except on computers people bring to me to fix.

    I use an old computer I purchased for about $20 as a firewall. ClamAV, HAVP, P3Scan, along with iptables provides my network with real time antivirus protection. In addition, I run Microsoft Security Essentials on each of the Windows boxen that are located behind the firewall. So far, there has not been any problem with this setup. However, I can also run Malwarebytes Antimalware on any computer on which I suspect malware. HAVP is configure to block all executables from being downloaded with the exception of update software. If anyone in my family wants to download software, I can do it for them after I check out the software to make sure that it is not malware.

    In addition, I perform regular Java, Flash, and Acrobat Reader software updates. I also disable Javascript in the Adobe pdf reader software. In addition, I recommend people use (Google) Chrome or Firefox as their default browser and Thunderbird for their email client.

    As a published author with three decades of I.T. experience, I do have to say that properly configured computers running free software are more secure than those where the owners depend on the latest whiz bang and expensive software to protect.
  • 1 Hide
    tlmck , January 19, 2012 7:35 AM
    Should I be worried? I mean it happened so recently. :lol: 
  • 0 Hide
    svdb , January 19, 2012 2:23 PM
    @cyberscan: As an anonymous person with 5 decades of professional IT experience, I have to say that trolling won't get you anywhere. ;) 
  • 0 Hide
    cyberscan , January 19, 2012 2:45 PM
    @svdb How am I trolling?
  • 0 Hide
    f-14 , January 19, 2012 9:17 PM
    i thought anybody with any brains quit using norton and cybermedia and other such popular a/v's after mydoom came out back in early 2000's and these av/s didn't catch it or stop it until almost a year later despite all the spoof variants.
    i know i quit using it after i couldn't change my computers date to april 1st 2100 and then install their software and change my date back to the correct date back in 2002?3? so i could get a life time subscription XD
    tried everything else tested it against some the best viruses/trojans/keyloggers i collected & i burned to a cd, if it doesn't catch them all it's crap in my book.
    there isn't an a/v software that has caught them all yet on the first try, so anybody who touts any a/v on the market is the best , the titanic was the best in it's time also, didn't even make it out of it's maiden voyage did it?
    first time every time or it's crap!
  • 0 Hide
    cyberscan , January 19, 2012 11:55 PM
    @f-14 This is my point exactly. No antivirus is going to catch everything. This is why I recommend running two to three separate products at the same time along with using the least privilege necessary to perform task and disabling any unnecessary features. A good product doesn't have to be an expensive product.

    In fact, a combination of products along with good operator sense will prevent infection in 99.9% of the time. To tell you the truth, I don't think there is any "best" product out there. There is only bad, good, and better. What one antivirus solution doesn't pick up may be picked up by another. Each solution is better than others for certain types of malicious software, so by using a combination, one can get just about all of the baddies. Blocking executables until they are properly vetted also makes a malware author's job much more difficult.
  • 2 Hide
    captaincharisma , January 20, 2012 4:26 PM
    @cyberscan: As an anonymous person with 5 decades of professional IT experience, I have to say that trolling won't get you anywhere. ;) 

    yea and i am just an anonymous rocket scientist