IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Symantec confirms product source code theft

The security giant says source code on two of its older enterprise products is accessed.

Symantec

Symantec today confirmed some of its source code relating to two of its "older enterprise products" has been stolen.

Although one of the products has been discontinued, another remains active, yet Symantec was not forthcoming about what those products were.

The code is four and five years old, the security giant said, and does not affect Norton products for consumers.

If the source code is recent and hackers find serious vulnerabilities, it could be possible to exploit the actual anti-virus program itself.

"Symantec's own network was not breached, but rather that of a third party entity. We are still gathering information on the details and are not in a position to provide specifics on the third party involved," a spokesperson told IT Pro.

"Presently, we have no indication that the code disclosure impacts the functionality or security of Symantec's solutions. Furthermore, there are no indications that customer information has been impacted or exposed at this time. However, Symantec is working to develop remediation process to ensure long-term protection for our customers' information. We will communicate that process once the steps have been finalised."

Symantec said it had no further details to disclose at the time but will provide updates as it confirms "additional facts."

Reports about a source code leak emerged earlier this week, following a post on Pastebin claiming source code for Norton Antivirus was stolen. However, the claims turned out to be false.

That post contained a document from 28 April 1999 defining the Application Programming Interface (API) for the Definition Generation Service. "This document explains how the software is designed to work (what inputs are accepted and what outputs are generated) and contains function names, but there is no actual source code present," Symantec's senior manager for corporate communications Cris Paden said yesterday evening.

However, the same group behind that posting made a second claim about additional source code.

Then this morning Symantec confirmed certain source code relating to its products had been accessed.

Hackers calling themselves The Lords of Dharmaraja threatened to publish the information online, a Google cache of a Pastebin post showed.

They claimed to have acquired the information from the Indian military.

"We are working out mirrors as of now since we experience extreme pressure and censorship from US and India government agencies," the message read.

Rob Rachwald, director of security for Imperva, noted many Governments require source code from vendors to prove software isn't spyware.

Although the source code leak would be "quite embarrassing on Symantec's part," it should not cause major security concerns for customers, Rachwald said.

"The workings of most of the anti-virus' algorithms have also been studied already by hackers in order to write the malware that defeats them. A key benefit of having the source code could be in the hands of the competitors," he added in a blog post.

"If the source code is recent and hackers find serious vulnerabilities, it could be possible to exploit the actual anti-virus program itself. But that is a big if and no one but Symantec knows what types of weaknesses hackers could find."

Featured Resources

The state of Salesforce: Future of business

Three articles that look forward into the changing state of Salesforce and the future of business

Free Download

The mighty struggle to migrate SAP to the cloud may be over

A simplified and unified approach to delivering Enterprise Transformation in the cloud

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

The Total Economic Impact™ Of IBM FlashSystem

Cost savings and business benefits enabled by FlashSystem

Free Download

Recommended

Ten ways to protect your company from the next big data breach
data breaches

Ten ways to protect your company from the next big data breach

18 Feb 2022
Gumtree site code made personal data of users and sellers publicly accessible
data protection

Gumtree site code made personal data of users and sellers publicly accessible

16 Dec 2021
Pizza chain exposed 100,000 employees' Social Security numbers
data breaches

Pizza chain exposed 100,000 employees' Social Security numbers

19 Nov 2021
83% of critical infrastructure companies have experienced breaches in the last three years
cyber security

83% of critical infrastructure companies have experienced breaches in the last three years

11 Nov 2021

Most Popular

Cyber attack on software supplier causes "major outage" across the NHS
cyber attacks

Cyber attack on software supplier causes "major outage" across the NHS

8 Aug 2022
Why convenience is the biggest threat to your security
Sponsored

Why convenience is the biggest threat to your security

8 Aug 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

29 Jul 2022