Anonymous leaks Symantec's Norton anti-virus source code

Anonymous leaks Symantec's Norton anti-virus source code

Summary: Anonymous has released what appears to be the source code from Norton Antivirus 2006, in what could be a seriously damaging exercise for Symantec.

TOPICS: Security

Anonymous, for which LulzSec was distantly related to, has leaked a copy of the Symantec Norton Antivirus 2006 source code on to peer-to-peer site The Pirate Bay.

Those who claim to be members of Anonymous have said for months that they were in possession of the source code, something that Symantec eventually admitted to, but only confirmed that a "segment" of the code leaked at the time.

The download file, at 1.07GB, appears to include the source code to a number of products within the software, including the consumer version, the corporate edition, and other files for Windows, Unix, and NetWare.

The code is thought to have been access from a network belonging to the Indian intelligence services. But Symantec would not confirm who the third-party involved is.

Attached to the file, a note calls for the release of the LulzSec hackers, who were taken down by the authorities this week. There was an exception of one name, however: "Sabu", or Hector Xavier Monsegur, who was the leader of the group, and suspected of working with the FBI to inform on his fellow hackers.

It is believed that the Indian authorities wanted access to the source code to ensure that the product was secure. Symantec agreed, and the code was inspected. But the source code was left to stagnate on a poorly-secured network which was then accessed by the hackers.

The anti-virus and security company previously said that the breach will "not affect any current Norton product". It added: "The current version of Norton Utilities has been completely rebuilt and shares no common code with Norton Utilities 2006. The code that has been posted for the 2006 version poses no security threat to users of the current version of Norton Utilities."

Symantec was unavailable for comment at the time of writing.

Image source: Twitter/ZDNet.


More on LulzSec:

Topic: Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Source Code...

    Sorry.... but I don't think anyone really cares. It's a low end product that doesn't work.
  • except that...

    now the source code is out, someone can fix it and make a product that works and put symantec out of 'business'.
    • The code is likely copywrited

      so no one will be able to use it legally, so little chance of that happening.
      William Farrel
  • and that

    is why i swapped 300 pcs to kaspersky.
  • Nortons sucks

    No big deal Nortons doesnt protect or catch anything lol. The 2 worse ones out are Nortons and Mcaffee
  • Symantec Statement

    Symantec can confirm that the source code for 2006 versions of Norton Antivirus posted by Anonymous is authentic. The exposure of this code poses no increased risk to Norton or Symantec customers. This code is part of the original cache of code for 2006 versions of the products that Anonymous has claimed to possess over the last few weeks. We anticipated that the code would be posted. As we have already stated publicly, our analysis shows that due to the age of the exposed code, Symantec antivirus or endpoint security consumer and business customers ??? including anyone running Norton products ??? should not be in any increased danger of cyber attacks resulting from this incident. We also anticipate that Anonymous will post the rest of the code they have claimed to have in their possession. So far, they have posted code for the 2006 versions of Norton Utilities, pcAnywhere, and Norton Antivirus. We also anticipate that at some point, they will post the code for the 2006 versions of Norton Internet Security. Again, the code that has been exposed is so old that current out-of-the-box security settings will suffice against any possible threats that might materialize as a result of this incident.
  • Pirate Bay is a "file sharing" site?

    I thought a big deal was made about The Pirate Bay no longer hosting torrent files, and I don't think they ever hosted files directly.
  • Editor needed

    "Anonymous, for which LulzSec was distantly related to,..." ????

    An editor is needed for this writer and column!
  • It is extremely old code

    I am sure that so much has changed in the latest versions of Norton products (which Norton has a 'free upgrade if you keep a yearly plan' thing) that this source code is near worthless.
  • New AV Products?

    Granted, NAV has advanced a lot in 6 years, but I have a feeling we'll most likely be seeing a lot of new anti-virus apps popup, based on the 2006 version of Norton AV.
    Michael Lauzon