Hackers steal parts of Symantec's antivirus code

Summary: Hacker group steals and exposes parts of security vendor's source code on Web site, but Symantec says network and customer data not affected.

Hackers have exposed a portion of Symantec's antivirus source code, the blueprint for its products.

According to a Reuters report last Friday, the security vendor said hackers had stolen the code from a third party, but noted that neither its own network nor customer information had been breached. However, Symantec confirmed claims by the hacker group, Lords of Dharmaraja, which said it had obtained Symantec's source code by breaching the Indian military.

Lords of Dharmaraja posted on the information-sharing Web site Pastebin that it would soon list a Norton antivirus source code package. A person using the pseudonym "YamaTough" had posted several items to prove the group had accessed the code. The content on Pastebin has since been removed and YamaTough's Google+ posts have been deleted.

"We are sharing here one technical documentation file from Symantec Source, code-transferred to Indian Military Intel and located at MEA (Ministry of External Affairs) servers we owneed (sic) recently," YamaTough had posted.

Cris Paden, a spokesperson for Symantec, told Reuters: "Symantec can confirm that a segment of its source code used in two of our older enterprise products has been accessed, one of which has been discontinued."

The source code that was exposed for Symantec Endpoint Protection 11.0, which had been used to prevent outgoing data from being leaked, was four years old and had been updated regularly, Paden said. The code for Symantec Antivirus 10.2 was five years old and had been discontinued and was no longer on sale, though the software was still being serviced, he added.

Reuters also quoted Rob Rachwald, director of security strategy at security firm Imperva, who wrote in a blog post: "The workings of most of the antivirus algorithms have also been studied already by hackers in order to write the malware that defeats them." He noted that unlike hackers who aimed to get around firewalls and software protection, rivals could be more interested in accessing the source code to study the market leader's software.

Topics: Networking, Data Management, Security

About

Elly grew up on the adrenaline of crime fiction and it spurred her interest in cybercrime, privacy and the terror on the dark side of IT. At ZDNet Asia, she has made it her mission to warn readers of upcoming security threats, while also covering other tech issues.
