Symantec hackers say source code will be released on Tuesday

Summary:Hackers thought to have been behind the recent attack on Indian government servers have said they will release the Norton anti-virus software's source code on Tuesday.

Updated: see below.

Hackers, thought to have been behind a recent breach of Symantec's extended network, threatened to release the full source code of one of its flagship products.

The Twitter user, going by the name "Yama Tough" said in the tweet, said that the 1.7 GB source code would be released tomorrow.

Hackers breached a "third-party" network, thought to be the Indian intelligence services' network, which led to fragments of Symantec's Norton anti-virus product to be released on coding site Pastebin.

It is understood that in a bid to secure contracts with the Indian government, Symantec's source code was inspected by the authorities to ensure that the product was secure. The authorities left the code on the servers which were then accessed by the hackers.

Other hackers and malware writers could directly attack Norton products, but Symantec note that this is "unlikely" due to the age of the product. What is more damaging for the company is that the entire anti-virus community will be able to see how Symantec's products work, thus enabling third-parties to improve their own products.

The code released on Pastebin so far indicates that the code is from 1999. Symantec confirmed last week that the code had been stolen, but was keen to stress that the code was from an older version of one of its enterprise anti-virus solutions.

The company behind Norton AntiVirus, amongst other products, also stressed that: "there are no indications that customer information has been impacted or exposed at this time".

Update 1: Symantec said in a statement that, "the code for Norton Utilities that was posted publicly is related to the 2006 version", noting that it was "no longer sold or supported".

The company also reiterated that: "The current version of Norton Utilities has been completely rebuilt and shares no common code with Norton Utilities 2006. The code that has been posted for the 2006 version poses no security threat to users of the current version of Norton Utilities."

Update 2: The hacker said on Twitter that "we've decided not to release [the] code to the public until we get full of it". It looks like they have other plans up their sleeve.

Image source: Twitter.

Related:

Topics: Security

About

Zack Whittaker writes for ZDNet, CNET, and CBS News. He is based in New York City.

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.