Symantec confirmed for Infosec Island that the Norton Antivirus 2006 source code leaked by Anonymous yesterday was in fact genuine. However, company representatives state that they were expecting this move and that customers are not affected in any way.
We previously reported that the 1.4 gigabyte code published by the hackers on The Pirate Bay looked to be legitimate, and our suspicions turned out to be true. Symantec confirmed that it was an authentic leak, but since the move was expected, the firm doesn’t seem to be concerned about the outcome.
“Symantec can confirm that the source code for 2006 versions of Norton Antivirus posted by Anonymous is authentic. The exposure of this code poses no increased risk to Norton or Symantec customers,” said Cris Paden, senior manager for corporate communications at Symantec.
“This code is part of the original cache of code for 2006 versions of the products that Anonymous has claimed to possess over the last few weeks.”
Apparently the company anticipated this move and they’ve already stated this on previous occasions. They reassure everyone that Symantec Antivirus and Endpoint Security customers are not exposed as a result of the latest data leak.
“We also anticipate that at some point, they will post the code for the 2006 versions of Norton Internet Security. Again, the code that has been exposed is so old that current out-of-the-box security settings will suffice against any possible threats that might materialize as a result of this incident,” Paden added.
Until now, the hackers have made public the source codes for pcAnywhere, Norton Utilities, and Norton Antivirus. While the fact that the code for pcAnywhere was leaked
gave Symantec a bit of a headache, the rest of them were too outdated to affect customers of the newer versions.