Symantec: Hackers did steal code, but it's old

By Dan Kaplan on Jan 9, 2012 8:33 AM
Filed under Software

Discontinued products.

Symantec has confirmed reports hackers compromised a portion of its source code, but claimed the stolen code is related to two enterprise security products that have been discontinued.

The code belonged to Endpoint Protection 11.0 and Antivirus 10.2, which are four and five years oldrespectively. Symantec's consumer security line, Norton, was not affected.

"Presently, we have no indication that the code disclosure impacts the functionality or security of Symantec's solution," the company said in a Facebook update. "Furthermore, there are no indications that customer information has been impacted or exposed at this time."

Symantec said an unnamed third-party network, not its own, was breached.

Last Thursday a cyber gang named The Lords of Dharmaraja claimed in a Pastebin document to possess source code belonging to a dozen software companies. A second document contained a sneak peak of the Symantec source code and promised a complete exposure.

A spokesman for the anti-virus company originally denied that any of the documents revealed code, but the company has since confirmed one did include a segment of the programming language.

Experts said the age of the code will likely prevent misuse.

"In general, there isn't much hackers can learn from the code which they hadn't known before," director of security strategy at Imperva, Rob Rachwald, said. "Why? Most of the anti-virus product is based on attack signatures. By basing defenses on signatures, malware authors continuously write malware to evade signature detection. With code that is four to five years old, chances are the software product has changed quite a bit, making the code even less useful."

This article originally appeared at scmagazineus.com

 
Follow us on Facebook and Twitter
 

Copyright © SC Magazine, US edition

Symantec: Hackers did steal code, but it's old
 
 
 
 
 
Top Stories
More hope for desktop PC market
Workstation shipments to jump, even though PCs down overall.
 
No easy fix to crisis in PC repair
The strife at NCSS and AWA is part of a structural problem.
 
Oracle's Larry Ellison steps down
Co-founder to move aside after 37 years.
 
Sign up to receive CRN email bulletins
   FOLLOW US...
Polls
My business strategy is to:

Latest Comments
CRN Magazine

Issue: 330 | August 2014

CRN Magazine looks in-depth at the emerging issues and developments for the channel, and provides insight, analysis and strategic information to help resellers better run their businesses.