Symantec confirms hacker theft of Norton anti-virus source code

Symantec, the anti-virus maker, has confirmed that a hacking group has stolen a "segment" of its flagship product. The group said it would make the source code available.
Written by Zack Whittaker, Contributor

Symantec has confirmed that a "segment" of its flagship Norton anti-virus product's source code was leaked onto the web this week.

The firm said that the code relates to two older enterprise products, one of which is no longer in production. But it said the breach was on a third-party network rather than its own, and will "not affect any current Norton product".


The source code has yet to be published, but a post making the claim on to hacker's favourite Pastebin has since been removed. A Google cache of the page still exists.

"So far we have discovered within the Indian Spy Programme source codes of a dozen software companies which have signed agreements with Indian TANCS programme and CBI", the note added.

Symantec has started an investigation, but claims that the document does not reflect the current work of the security firm.

While the security firm said it was "not in a position to provide specifics on the third party involved", it is thought that the third-party network belonged to one of the Indian intelligence agencies.

"This document explains how the software is designed to work (what inputs are accepted and what outputs are generated) and contains function names, but there is no actual source code present," he said, speaking to the IDG news service.

The "The Lords of Dharmaraja", the hacking group who authored the Pastebin note, has yet to release the code online.

A second note appeared detailing files that feature in the source code, but Symantec could not confirm if the file listings if more of its products or services could be compromised.

Rob Rachwald, director of security at Impervia, said that this breach is "quite embarrassing on Symantec’s part". He added that should the source code be recent and hackers find serious vulnerabilities, it could be possible to exploit the product itself.

"But that is a big if and no one but Symantec knows what types of weaknesses hackers could find", he added.

Image source: Pastebin.


Editorial standards