Hackers Claim Symantec Code

Friday, January 6, 2012 @ 05:01 PM gHale


Manufacturers beware, hackers posted a file online they say is a confidential glimpse into Symantec’s Norton Antivirus program and have threatened to release source code for the security giant’s flagship antivirus product.

The hacker group, which calls itself the Lords of Dharmaraja, posted a file on Pastebin it said described the confidential workings of Symantec’s Norton Antivirus threat-detection product.

RELATED STORIES
SQL Injection Attack Hits 1 Million
Scareware Meets Smartphones
Smartphone Users: Malicious Apps Abound
Data Treasure on Old Smartphones

Hackers could learn from the documentation, and any source code, to exploit and corrupt the antivirus program or write malicious code that circumvents Norton’s product altogether. The original post is no longer on Pastebin, although there is a Google cache.

The hackers claim to have discovered Symantec’s source code in a hack they conducted on India’s military and intelligence servers. In their online post, the hackers said, “We have discovered within the Indian Spy Program source codes of a dozen software companies,” which the hackers said had signed agreements with an Indian defense program and India’s Central Bureau of Investigation.

In an email, a Symantec spokesman, Cris Paden, said the hackers’ post was an outdated document from 1999 that “explains how the software is designed to work (what inputs are accepted and what outputs are generated) and contains function names, but there is no actual source code present.”

The hacker group threatened to release the actual source code for the Norton AntiVirus software later on. “We are working out mirrors as of now,” the hackers wrote in their post.

Symantec’s Norton brand antivirus products make up the bulk of its sales to consumers, which totaled nearly $2 billion last year — a third of Symantec’s revenue. If any part of its source code suffers from an exploit or ends up tampered with, it could hurt Symantec’s share price and bottom line.



Leave a Reply

You must be logged in to post a comment.