::Trend Micro Threat Resource Center::

18 January 2012

Symantec admits its networks were hacked and source code stolen

After having first claimed that the source code leaked by Indian hacking group Dharmaraja was not stolen through a breach of its networks, but possibly by compromising the networks of a third party entity, Symantec backpedalled and announced that the code seems to have exfiltrated during a 2006 breach of its systems.


Symantec spokesman Cris Paden has confirmed that unknown hackers have managed to get their hands on the source code to the following Symantec solutions: Norton Antivirus Corporate Edition, Norton Internet Security, Norton Utilities, Norton GoBack and pcAnywhere.

And while he claims that the only customers that should be somewhat worried are those using pcAnywhere, ITIC analysts Laura DiDio says that that might not be the whole truth. "Unless Symantec wrote all new code from scratch, there are going to be elements of source code in there that are still relevant today," she shared with Reuters.

In the meantime, a hacker that goeas by the handle of "Yama Tough" and is part of the aforementioned group has announced the release of the source code for Norton Antivirus, but then backed up saying that the group has decided to delay it until it has had the chance to take advantage of the vulnerabilities in the code.

He then announced the release of pcAnywhere code for the blackhat community to exploit, but the group has yet to deliver on the promise.

"Symantec is currently in the process of reaching out to our pcAnywhere customers to make them aware of the situation and to provide remediation steps to maintain the protection of their devices and information," commented Paden.