Hackers steal parts of Symantec's antivirus code

Hacker group steals and exposes parts of security vendor's source code on Web site, but Symantec says network and customer data not affected.
Written by Ellyne Phneah, Contributor

Hackers have exposed a portion of Symantec's antivirus source code, the blueprint for its products.

According to a Reuters report last Friday, the security vendor said hackers had stolen the code from a third party, but noted that neither its own network nor customer information had been breached. However, Symantec confirmed claims by the hacker group, Lords of Dharmaraja, which said it had obtained Symantec's source code by breaching the Indian military.

Lords of Dharmaraja posted on the information-sharing Web site Pastebin that it would soon list a Norton antivirus source code package. A person using the pseudonym "YamaTough" had posted several items to prove the group had accessed the code. The content on Pastebin has since been removed and YamaTough's Google+ posts have been deleted.

"We are sharing here one technical documentation file from Symantec Source, code-transferred to Indian Military Intel and located at MEA (Ministry of External Affairs) servers we owneed (sic) recently," YamaTough had posted.

Cris Paden, a spokesperson for Symantec, told Reuters: "Symantec can confirm that a segment of its source code used in two of our older enterprise products has been accessed, one of which has been discontinued."

The exposed source code for Symantec Endpoint Protection 11.0, which had been used to prevent outgoing data from being leaked, was four years old and had been updated regularly, Paden said. The code for Symantec Antivirus 10.2 was five years old; the product had been discontinued and was no longer on sale, though the software was still being serviced, he added.

Reuters also quoted Rob Rachwald, director of security strategy at security firm Imperva, who wrote in a blog post: "The workings of most of the antivirus algorithms have also been studied already by hackers in order to write the malware that defeats them." He noted that, unlike hackers who aimed to get around firewalls and software protection, rivals could be more interested in accessing the source code to study the market leader's software.
