Symantec corporate anti-virus source code stolen

Powered by SC Magazine
 

Then worm exploits Symantec remote vulnerability.

Symantec has admitted that it was breached six years ago, with the source code for its Norton software stolen.

According to Reuters, unknown hackers obtained the source code to Norton Antivirus Corporate Edition, Norton Internet Security, Norton Utilities, Norton GoBack and pcAnywhere.

Symantec previously denied the programs were hacked which said that a document from 28 April 1999 defining the application programming interface for Symantec's virus definition generation service was stolen, and not source code.

Symantec spokesman Cris Paden said at the time: “This document explains how the software is designed to work and contains function names, but there is no actual source code present.”

However, Paden was forced to backtrack on this and admit that it had been breached after an investigation revealed that the company's networks had been compromised.

“We really had to dig way back to find out that this was actually part of a source code theft. We are still investigating exactly how it was stolen,” he said.

“Symantec is currently in the process of reaching out to our pcAnywhere customers to make them aware of the situation and to provide remediation steps to maintain the protection of their devices and information.”

Paden insisted that the 2006 attack presented no threat to customers using the most recent versions of Symantec's software, saying that users are protected against any type of cyber attack that might materialise as a result of this code.

But eEye Digital Security said it detected a worm that was actively exploiting a remote Symantec vulnerability  in May 2006, later patched by Symantec on 12th June, 2006.

"...This is the first example of a worm leveraging this vulnerability for self-propagation.”

This article originally appeared at scmagazineuk.com

Copyright © SC Magazine, UK edition


Symantec corporate anti-virus source code stolen
Tags
 
 
 
Top Stories
Beyond ACORN: Cracking the infosec skills nut
[Blog post] Could the Government's cybercrime focus be a catalyst for change?
 
The iTnews Benchmark Awards
Meet the best of the best.
 
Telstra hands over copper, HFC in new $11bn NBN deal
Value of 2011 deal remains intact.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  39%
 
Your insurance company
  4%
 
A technology company (Google, Facebook et al)
  8%
 
Your telco, ISP or utility
  7%
 
A retailer (Coles, Woolworths et al)
  2%
 
A Federal Government agency (ATO, Centrelink etc)
  20%
 
An Australian law enforcement agency (AFP, ASIO et al)
  14%
 
A State Government agency (Health dept, etc)
  6%
TOTAL VOTES: 1771

Vote
Do you support the abolition of the Office of the Information Commissioner?