Symantec admits their network was hacked

Symantec has back pedaled on earlier statements that source code for some of their popular products had been obtained via a hack on a third party. Symantec has now admitted that their own network had been compromised, resulting in stolen source code for some of their products.

Symantec admits their network was hacked

Last week hacker group Yama Tough had threatened to release source code for Norton AntiVirus. Symantec claimed that this code was obtained via a hack on Indian military servers. Symantec also claimed the source code was from older products, namely Symantec Endpoint Protection 11.0 and Symantec Antivirus 10.2.

Symantec released a statement to Reuters on Thursday admitting that their own network had actually been compromised and the source code that had been stolen was more recent than the five year old code they originally claimed had been obtained. In the statement, spokesperson Chris Paden admits that the source code from Norton Antivirus Corporate Edition, Norton Internet Security, Norton Utilities, Norton GoBack and pcAnywhere, had been stolen.

So, what about Yama Tough? The group decided to hold off on releasing the source code claiming on Twitter that they will use the code to zero-day the software instead.

“We’ve decided not to release code to the public until we get full of it. 1st we’ll own evrthn we can by 0din’ the sym code & pour mayhem.”

The group also claimed on Twitter that they had obtained some of the source code for pcAnywhere, Symantec’s remote access software. “PCAnywhere code is being released to blackhat community for 0d expltin!”

Paden basically confirmed this claim when he admitted in his statement that pcAnywhere users will be facing “a slightly increased security risk.”

“Symantec is currently in the process of reaching out to our pcAnywhere customers to make them aware of the situation and to provide remediation steps to maintain the protection of their devices and information,” Paden said.

If Yama Tough makes good on their promise for mayhem then a good number of people could be at an increased security risk, especially considering one of the products they may have code for is the Enterprise version of NAV. Do you use any of Symantec’s products? Has the company reached out to you to warn you about what’s happened? Let us know in the comments.