Symantec confirms hacker theft of Norton anti-virus source code

Symantec confirms hacker theft of Norton anti-virus source code

Summary: Symantec, the anti-virus maker, has confirmed that a hacking group has stolen a "segment" of its flagship product. The group said it would make the source code available.

SHARE:
TOPICS: Security
37

Symantec has confirmed that a "segment" of its flagship Norton anti-virus product's source code was leaked onto the web this week.

The firm said that the code relates to two older enterprise products, one of which is no longer in production. But it said the breach was on a third-party network rather than its own, and will "not affect any current Norton product".

The source code has yet to be published, but a post making the claim on to hacker's favourite Pastebin has since been removed. A Google cache of the page still exists.

"So far we have discovered within the Indian Spy Programme source codes of a dozen software companies which have signed agreements with Indian TANCS programme and CBI", the note added.

Symantec has started an investigation, but claims that the document does not reflect the current work of the security firm.

While the security firm said it was "not in a position to provide specifics on the third party involved", it is thought that the third-party network belonged to one of the Indian intelligence agencies.

"This document explains how the software is designed to work (what inputs are accepted and what outputs are generated) and contains function names, but there is no actual source code present," he said, speaking to the IDG news service.

The "The Lords of Dharmaraja", the hacking group who authored the Pastebin note, has yet to release the code online.

A second note appeared detailing files that feature in the source code, but Symantec could not confirm if the file listings if more of its products or services could be compromised.

Rob Rachwald, director of security at Impervia, said that this breach is "quite embarrassing on Symantec’s part". He added that should the source code be recent and hackers find serious vulnerabilities, it could be possible to exploit the product itself.

"But that is a big if and no one but Symantec knows what types of weaknesses hackers could find", he added.

Image source: Pastebin.

Related:

Topic: Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

37 comments
Log in or register to join the discussion
  • RE: Symantec confirms hacker theft of Norton anti-virus source code

    Its not like their products can get any worse with the stolen code.
    Loverock Davidson-
    • RE: Symantec confirms hacker theft of Norton anti-virus source code

      @Loverock Davidson-
      On that, I must agree with you. I have used Symantec on both Windows and Mac in the past. NEVER AGAIN.

      One of my family members still uses Symantec on his Mac. Lately it's been causing a lot of problems by misidentifying files as malicious which are from known good sources, doing a full scan of disks that it is only supposed to do a differential scan on (crippling the system until it's done), refusing to scan on demand (as opposed to on it's own schedule) not scanning new files when they arrive, etc... The application and support files are all up to date. First Symantec support denied the issues, then they admitted them, tried to deny again, and now are refusing to help even troubleshoot their own application. Long story short - after 5 years of recommendation from me, this relative is finally moving on to something else - probably ClamXAV.

      How this company keeps it's consumer products alive when the alternatives are so much better is beyond me.
      use_what_works_4_U
      • RE: Symantec confirms hacker theft of Norton anti-virus source code

        @macadam
        &quotHow this company keeps it's consumer products alive when the alternatives are so much better is beyond me.&quot

        The short answer: New PC crapware
        Flying Pig
    • RE: Symantec confirms hacker theft of Norton anti-virus source code

      @Loverock Davidson- On the contrary, my experience with the new version of norton is exceptionally good. On over 1,000 systems, no issues of any kind with Norton. it works very well, has a good track record, and doesn't have a huge impact on system resources.
      SuperComputerGuru
      • RE: Symantec confirms hacker theft of Norton anti-virus source code

        @SuperComputerGuru
        Sounds like some advert guy....
        afedwin@...
      • RE: Symantec confirms hacker theft of Norton anti-virus source code

        @SuperComputerGuru
        Who's paying you to tell me to ignore empirical evidence to the contrary?
        marlin_s
      • no issues...except the obivous...

        @SuperComputerGuru no issues with Norton? Except for that the Source Code of the product your endorsing was just compromised, that's not an issue for you?
        elCharles
    • One point to consider...

      @Loverock Davidson-

      Don't confuse their home and their corporate offerings, and don't judge one by the other. Their corporate AV software (Endpoint) is top-notch, both in terms of detection and footprint... Norton as we all know is just bloated crud (as it has been for years) that seems to be designed around the assumption that every home PC user is a moron who can't be trusted to make a single wise decision!

      Why Symantec can't simply do away with the bloatware and make their corporate software model their template for all is beyond me....
      kaninelupus
    • RE: Symantec confirms hacker theft of Norton anti-virus source code

      Inside job, Symantec has been know to outsource, who's to say your code base is safe in another country.

      Many company's will find this out the hard way, you outsource to some unknown firm because you can save some cash, yet in the long run your screwed because code from your core product will be sold to the highest bidder, or taken by the janitor and dumped on the internet and you have no recourse because you were just looking at the money you were going to save and not at the big picture.

      Guess you got what you paid for, foolz . .
      mrethiopian@...
  • RE: Symantec confirms hacker theft of Norton anti-virus source code

    The enterprise versions of these products are really where Symantec's attention is focused on nowadays and the consumer versions have suffered some degree of "benign neglect". To me that's considered unacceptable but when there's alternative products on the consumer side such as AVG, MS Security Essentials then that's where consumers will go instead. I for one have used Symantec's consumer products in the past and they were a mixed bag at best.
    rcm0502@...
    • RE: Symantec confirms hacker theft of Norton anti-virus source code

      @rcm0502@... - Even the Enterprise products stink to high heaven. FWIW, I would not trust AVG or MCAfee either. While no product is 100% reliable (they are lying if they pretend they are) I have seen those 3 products miss what should not have been missed.
      smashandgrab
  • They didn't steal anything of value - nt -

    .
    cdgoldin
  • RE: Symantec confirms hacker theft of Norton anti-virus source code

    ha! use avast myself.!
    varick
  • RE: Symantec confirms hacker theft of Norton anti-virus source code

    They should welcome hackers getting hold of the source code. It's clunky at best and Symantec products often cause more trouble than they're worth. As an IT professional I would never encourage anyone to use them or McCafee
    johnukguy
  • RE: Symantec confirms hacker theft of Norton anti-virus source code

    What will hapen once the "hackers" get their own satellite in orbit?? They say it's to keep their doings private so the governments' cannot intercept or watch their movements on the web. Again then what??
    Lymon1
  • RE: Symantec confirms hacker theft of Norton anti-virus source code

    People still use Symantec products? I did not know they were available for Linux.
    schmoeleco@...
  • Symantec source code hacked. . . .

    Just wondering. How secure is Microsoft in this day and age ? ? ? ?
    Northeast & Atlantic RR
    • RE: Symantec confirms hacker theft of Norton anti-virus source code

      @Northeast & Atlantic RR
      Microsoft has part of there source code stolen also.. Back in 2006.
      Anthony E
    • RE: Symantec confirms hacker theft of Norton anti-virus source code

      @Northeast & Atlantic RR

      According to my universities IT MS Security (programs) are on par with Norton, McAfee, etc.

      Not because MS has climbed but because the others have fallen.

      When I first heard this I wondered how far they could have fallen because they weren't that good to begin with.

      .
      rmhesche
    • RE: Symantec confirms hacker theft of Norton anti-virus source code

      http://community.norton.com/t5/Norton-360/Microsoft-Security-Hole/td-p/617341

      I have been having problems for months and nobody seems to know how to help.
      fyzzx4phun