Latest Updates

Symantec admits their network was hacked

Posted at 20 January 2012 16:37 CEST by etdragon

Symantec has back pedaled on earlier statements that source code for some of their popular products had been obtained via a hack on a third party. Symantec has now admitted that their own network had been compromised, resulting in stolen source code for some of their products.

Last week hacker group Yama Tough had threatened to release source code for Norton AntiVirus. Symantec claimed that this code was obtained via a hack on Indian military servers. Symantec also claimed the source code was from older products, namely Symantec Endpoint Protection 11.0 and Symantec Antivirus 10.2.

Symantec released a statement to Reuters on Thursday admitting that their own network had actually been compromised and the source code that had been stolen was more recent than the five year old code they originally claimed had been obtained. In the statement, spokesperson Chris Paden admits that the source code from Norton Antivirus Corporate Edition, Norton Internet Security, Norton Utilities, Norton GoBack and pcAnywhere, had been stolen.

So, what about Yama Tough? The group decided to hold off on releasing the source code claiming on Twitter that they will use the code to zero-day the software instead.

“We’ve decided not to release code to the public until we get full of it. 1st we’ll own evrthn we can by 0din’ the sym code & pour mayhem.”

The group also claimed on Twitter that they had obtained some of the source code for pcAnywhere, Symantec’s remote access software. “PCAnywhere code is being released to blackhat community for 0d expltin!”

Paden basically confirmed this claim when he admitted in his statement that pcAnywhere users will be facing “a slightly increased security risk.”

“Symantec is currently in the process of reaching out to our pcAnywhere customers to make them aware of the situation and to provide remediation steps to maintain the protection of their devices and information,” Paden said.

If Yama Tough makes good on their promise for mayhem then a good number of people could be at an increased security risk, especially considering one of the products they may have code for is the Enterprise version of NAV. Do you use any of Symantec’s products? Has the company reached out to you to warn you about what’s happened? Let us know in the comments.

Click for more news


Click to share

There are 3 comments

Posted on: 20 Jan 12 18:12
    Well, there's yet another reason not to use Norton. An insecure security company...whoo.
    MyCE Resident
    Posted on: 21 Jan 12 19:38
      Today Symantec admitted that their own network had been compromised resulting in stolen source code for some of their products.
      This should be more then enough proof to all users of their software to jump boat. Source code is the blood and life of the company loose that and basically you either rewrite the code from ground up or get ready for another release of aka ANTIVIRUS 2009 again and in bigger out breaks.
      MyCE Member
      Posted on: 22 Jan 12 17:51
        I've used Norton for years but it just keeps getting slower and slower. Time for something new....

        Post your comment

        You need to register before you can comment

        Like us

        Most popular headlines

        Windows XP security fix hangs systems and leaves them partly unprotected

        An update to the Anti Malware Service for Windows XP is causing systems to slow ...

        DVDFab decryption only available with paid licenses from now on

        DVDFab has posted a clarification on of their disc decryption policy on our foru...

        Crucial M550 512GB SSD Review - Pure speed

        • Mon 14 Apr 04:04 by Vroom

        Review: Crucial M550 Reviewed by: ANTONIS SAPANIDIS Provided by: Cr...

        Nexus 5 running Android 4.4.3 screenshot leaks

        The Chromium issue tracker reveals a screenshot of a Nexus 5 running Android 4.4...

        Microsoft releases fixes for Windows 8.1 Spring Update install errors

        Microsoft released two patches already for users who received error codes 800700...

        See all headlines