Symantec: Norton Code Stolen in 2006 Hacking

After admitting that the Indian hacker called YamaTough managed to obtain the source code for Symantec Endpoint Protection 11.0 and Symantec Antivirus 10.2, the company came forward with another statement to say that the source code for some of their Norton products was leaked as a result of a hacking operation that targeted their systems in 2006.

According to SecurityWeek, the security solutions provider reports that since the breach took place their security has been upgraded, but didn’t provide other clarifications.

“Upon investigation of the claims made by Anonymous regarding source code disclosure, Symantec believes that the disclosure was the result of a theft of source code that occurred in 2006,” Symantec’s Cris Paden said.

Back then, cybercriminals managed to obtain the source code for Norton Antivirus Corporate Edition, Norton Internet Security, Norton SystemWorks, which includes Norton Utilities and Norton GoBack, and pcAnywhere.

“Due to the age of the exposed source code, except as specifically noted below, Symantec customers - including those running Norton products -- should not be in any increased danger of cyber attacks resulting from this incident,” Paden added.

The only ones that may be affected by the breach are pcAnywhere customers, but only if they don’t “follow general best practices.” Symantec is currently contacting pcAnywhere users to raise awareness on the situation and advise them on the steps that need to be taken to secure their devices and data.

YamaTough, a member of the Lords of Dharmaraja hacker collective, released the source code of Symantec products on several occasions. First, when the whole thing came to light and then a second time, allegedly to help a man who is suing Symantec.

After promising to reveal other Symantec source codes, yesterday YamaTough left a post on Twitter and revealed his intentions of not releasing the code.

“We've decided not to release code to the public until we get full of it =) 1st we'll own evrthn we can by 0din' the sym code & pour mayhem,” the hacker wrote.

“0din’” most probably means that they plan on finding zero-day vulnerabilities which they can use for malicious purposes.