Symantec: Hackers Obtained Enterprise Product Source Code, Not Norton

The security solutions provider came forward with another statement saying that the Indian hackers managed to obtain source codes for Symantec Endpoint Protection 11.0 and Symantec Antivirus 10.2.

After media outlets began picking up the news that Indian hackers managed to obtain the source code of a Symantec product, the company started investigating the claims.

If at first they revealed that the hackers only obtained some documentation from 1999, in which it was explained how Norton Antivirus worked, now they found that the products affected were from the Enterprise product line, SecurityWeek reports.

“We are still gathering information on the details and are not in a position to provide specifics on the third party involved,” the company said in a statement.

“Presently, we have no indication that the code disclosure impacts the functionality or security of Symantec’s solutions. Furthermore, there are no indications that customer information has been impacted or exposed at this time. Symantec is working to develop remediation process to ensure long-term protection for our customers’ information.”

The hacking operation didn’t target Symantec directly and the exposed products are not the latest variants on the market (Endpoint Protection is at 12.0 version now), so experts believe that this shouldn’t affect the company too much.

“If the rumors turn out to be true, the implications of the anti-virus code leakage will not keep the Symantec folks awake too late at night, and certainly not their customers,” Rob Rachwald, director of Security Strategy at Imperva, said.

“After all, there isn’t much hackers can learn from the code which they hadn’t known before. Most of the anti-virus product is based on attack signatures. By basing defenses on signatures, malware authors continuously write malware to evade signature detection.”

Symantec is expected to release more statements on the matter so stay tuned to find out how the story ends.