Symantec has confirmed that source code for its stolen Norton anti-virus was leaked.
The security software vendor was forced into a blackmail battle with a hacker who claimed to have the the source code to Norton Antivirus Corporate Edition, Norton Internet Security, Norton Utilities, Norton GoBack and pcAnywhere. The hacker ‘YamaTough' attempted to secure $US50,000 from Symantec, threatening to release the six-year old source code.
Symantec confirmed that the source code was authentic but in a statement said its exposure posed no risk to Norton or Symantec customers.
“This code is part of the original cache of code for 2006 versions of the products that Anonymous has claimed to possess over the last few weeks.
“We anticipated that the code would be posted. As we have already stated publicly, our analysis shows that due to the age of the exposed code and the fact that it is only a small subset of the complete code, Symantec anti-virus or endpoint security consumer and business customers – including anyone running Norton products – should not be in any increased danger of cyber attacks resulting from this incident.
“We also anticipate that Anonymous will post the rest of the code they have claimed to have in their possession. So far, they have posted a small portion of the source code for the 2006 versions of Norton Utilities, pcAnywhere, and Norton Antivirus. We also anticipate that at some point, they will post the code for the 2006 versions of Norton Internet Security. Again, the code that has been exposed is so old that current out-of-the-box security settings will suffice against any possible threats that might materialise as a result of this incident.”
According to a report from The Hacker News, the code was posted on the Pirate Bay with a download size of 1.07GB. The file has a note that asks for the liberation of the LulzSec members that were arrested, minus Hector Monsegur, aka 'Sabu'.
This article originally appeared at scmagazineuk.com
Copyright © SC Magazine, US edition
Issue: 315 | May 2013
Access CRN's extensive online resources including; email bulletins, community discussions and unique online news.
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED GOES EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can log on to the CRN website or start posting comments on articles.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain '@crn.com.au' to your white-listed senders.