Symantec's doubts dashed: Hackers stole code

Powered by SC Magazine
 

But code was defunct.

Symantec confirmed late Thursday that hackers compromised some source code relating to two discontinued enterprise security products.

The code belonged to Endpoint Protection 11.0 and Antivirus 10.2, which are four and five years old, respectively.

Symantec's consumer security line, Norton, was not affected.

"Presently, we have no indication that the code disclosure impacts the functionality or security of Symantec's solution," the company said in a Facebook update.

"Furthermore, there are no indications that customer information has been impacted or exposed at this time."

Symantec said an unnamed third-party network, not its own, was breached.

It is possible the hacked network belonged to India's military intelligence agency.

On Thursday, a cyber gang named The Lords of Dharmaraja said it possessed source code belonging to a dozen software companies, according to a Pastebin document (cached here).

A second document, which is no longer available, contained a sneak peak of the Symantec source code and promised a complete exposure.

A spokesman for the anti-virus company originally denied that any of the documents revealed code, but now the company confirms that one of them did include a segment of the programming language.

Experts said the age of the code will likely prevent misuse.

"In general, there isn't much hackers can learn from the code which they hadn't known before," Rob Rachwald, director of security strategy at Imperva said.

"With code that is four to five years old, chances are the software product has changed quite a bit, making the code even less useful."

This article originally appeared at scmagazineus.com

Copyright © SC Magazine, US edition


Symantec's doubts dashed: Hackers stole code
 
 
 
Top Stories
Earning the right to innovate
Breaking down the barriers to innovation is a long, but rewarding process, says Bank of Queensland Group CIO, Julie Bale.
 
A call for timely reporting
[Blog post] Businesses need incentives to keep customer data secure.
 
Doubts cast on Queensland's ICT Dashboard
Opposition, former Govt CIO say it can't be trusted.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
What is delaying adoption of public cloud in your organisation?







   |   View results
Lock-in concerns
  26%
 
Application integration concerns
  3%
 
Security and compliance concerns
  29%
 
Unreliable network infrastructure
  9%
 
Data sovereignty concerns
  23%
 
Lack of stakeholder support
  3%
 
Protecting on-premise IT jobs
  5%
 
Difficulty transitioning CapEx budget into OpEx
  3%
TOTAL VOTES: 830

Vote