Hackers who claim to have acquired source code for Symantec's Norton Antivirus are threatening to release that code to the internet on January 17. Symantec has been quick to reassure users that releasing this code would pose no threat because it is from an old and unsupported version of NAV.
The hackers go by the name Yama Tough and their Twitter account uses the now infamous Guy Fawkes mask in their avatar. Saturday, the group tweeted that the impending release of 1.7GB of Norton AntiVirus (NAV) source code would occur on Tuesday January 17. The tweet also mentioned "the rest will follow."
The group is thought to have obtained the source code for NAV by breaching servers owned and run by Indian military intelligence. The claim is that the code was left on those servers by accident following experts who were reviewing the code to ensure it was secure.
Symantec has since identified the products that the code came from; Symantec Endpoint Protection (SEP) 11.0 and Symantec Antivirus 10.2. Neither version is currently supported. The statement from Symantec, issued to ZDNet said “the code for Norton Utilities that was posted publicly is related to the 2006 version.”
The statement went on to assure users that having old source code leak out would not impact current products in any way.
“The current version of Norton Utilities has been completely rebuilt and shares no common code with Norton Utilities 2006. The code that has been posted for the 2006 version poses no security threat to users of the current version of Norton Utilities.”
It seems there is no particular danger from this source code getting out in the wild with the exception of Symantec being a bit embarrassed about the entire situation. It does beg the question of what else does this group plan to leak out, considering their statement of "the rest will follow." Does that mean the 1.7GB is not the entirety of the source code they have or does it mean they have source to more recent products as well? I suppose we'll know the answer soon enough.
