Symantec: Hackers did steal code, but it's old

Share this article:

Symantec confirmed late Thursday that hackers did in fact compromise a portion of its source code, but the stolen code is related to two enterprise security products that have been discontinued.

The code belonged to Endpoint Protection 11.0 and Antivirus 10.2, which are four and five years old, respectively. Symantec's consumer security line, Norton, was not affected.

"Presently, we have no indication that the code disclosure impacts the functionality or security of Symantec's solution," the company said in a Facebook update. "Furthermore, there are no indications that customer information has been impacted or exposed at this time."

Symantec said an unnamed third-party network, not its own, was breached.

It is possible the hacked network belonged to India's military intelligence agency. On Thursday, a cyber gang named The Lords of Dharmaraja said it possessed source code belonging to a dozen software companies, according to a Pastebin document (cached here). A second document, which is no longer available, contained a sneak peak of the Symantec source code and promised a complete exposure.

A spokesman for the anti-virus company originally denied that any of the documents revealed code, but now the company confirms that one of them did include a segment of the programming language.

Experts said the age of the code will likely prevent misuse.

"In general, there isn't much hackers can learn from the code which they hadn't known before," Rob Rachwald, director of security strategy at Imperva, told SCMagazine.com in an email. "Why? Most of the anti-virus product is based on attack signatures. By basing defenses on signatures, malware authors continuously write malware to evade signature detection. With code that is four to five years old, chances are the software product has changed quite a bit, making the code even less useful."


Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Hackers grab email addresses of CurrentC pilot participants

Hackers grab email addresses of CurrentC pilot participants

Although the hack didn't breach the mobile payment app itself, consumer confidence may be shaken.

Operators disable firewall features to increase network performance, survey finds

Operators disable firewall features to increase network performance, ...

McAfee found that 60 percent of 504 surveyed IT professionals prioritize security as the primary driver of network design.

PCI publishes guidance on security awareness programs

PCI publishes guidance on security awareness programs

The guidance, developed by a PCI Special Interest Group, will help merchants educate staff on protecting cardholder data.