Symantec has confirmed reports hackers compromised a portion of its source code, but claimed the stolen code is related to two enterprise security products that have been discontinued.
The code belonged to Endpoint Protection 11.0 and Antivirus 10.2, which are four and five years oldrespectively. Symantec's consumer security line, Norton, was not affected.
"Presently, we have no indication that the code disclosure impacts the functionality or security of Symantec's solution," the company said in a Facebook update. "Furthermore, there are no indications that customer information has been impacted or exposed at this time."
Symantec said an unnamed third-party network, not its own, was breached.
Last Thursday a cyber gang named The Lords of Dharmaraja claimed in a Pastebin document to possess source code belonging to a dozen software companies. A second document contained a sneak peak of the Symantec source code and promised a complete exposure.
A spokesman for the anti-virus company originally denied that any of the documents revealed code, but the company has since confirmed one did include a segment of the programming language.
Experts said the age of the code will likely prevent misuse.
"In general, there isn't much hackers can learn from the code which they hadn't known before," director of security strategy at Imperva, Rob Rachwald, said. "Why? Most of the anti-virus product is based on attack signatures. By basing defenses on signatures, malware authors continuously write malware to evade signature detection. With code that is four to five years old, chances are the software product has changed quite a bit, making the code even less useful."
This article originally appeared at scmagazineus.com
Copyright © SC Magazine, US edition
Issue: 325 | March 2014
Access CRN's extensive online resources including; email bulletins, community discussions and unique online news.
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED GOES EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can log on to the CRN website or start posting comments on articles.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain '@crn.com.au' to your white-listed senders.