Indian hacker lords have Symantec antivirus code

Jan 07, 2012 by Nancy Owano report

(PhysOrg.com) -- An Indian hacker group called The Lords of Dharmaraja has laid claim to Symantec’s antivirus software code. Symantec, confirming the theft in an e-mail posted Friday, said the chunk of pilfered code was stolen from a third party, was old, and that its own network had not been breached. The group had announced they got the code and confidential information. "Symantec can confirm that a segment of its source code used in two of our older enterprise products has been accessed, one of which has been discontinued," according to a spokesman for Symantec.

The stolen code is four to five years old and the Mountain View, California, company stressed that the there were no signs that customer information had been tampered with, and they stated that their own security networks had not been breached.

The Lords of Dharmaraja say they took the files from Indian military intelligence servers.

A hacker from the group, Yama Tough, provided security site Infosec Island with files that appeared to contain from the 2006 version of Norton Antivirus. The site passed the code on to Symantec, which confirmed that the code was genuine. Symantec also pointed out that the exposed source code corresponded to its enterprise products.

Outside Symantec, reports said that the hackers gained access to source code related to Symantec Endpoint Protection (SEP) 11.0 and Symantec Antivirus 10.2; both were reportedly sitting on the Indian military servers. The Symantec Antivirus 10.2 was five years old and was discontinued but, according to Reuters, is still being serviced. SEP 11.0, utilized to block outgoing data from being leaked, was four years old and had been updated regularly since.

Security experts outside the company appear to concur with Symantec that the incident is unwelcome but not catastrophic. Fundamentally, the reaction was that there was not much the hackers could do with what they got.

“As someone who worked in the industry, I don't see a tremendous security risk to the source code release itself,” said contributor Kevin McAleavey, architect of the KNOS secure operating system and antimalware researcher, in Infosec Island.

He said the code was pre-Vista, was not 64-bit compatible, and the newer safe functions were not in use. Looking the code over, he concluded that it was indeed “genuine source code from an ancient version of their antivirus,” but at the same time could only be looked upon “by us antimalware coders as a museum exhibit, not an actual threat."

While security watchers did not see any serious consumer risks, the question being asked is, whether it is trophy, museum piece, or act of breach, however termed, but at what enterprise-business price? Analysts say that any hacker publicity involving a security software company can never be an easy ride for the affected vendor.

Explore further: Android gains in US, basic phones almost extinct

Related Stories

Recommended for you

Android gains in US, basic phones almost extinct

12 hours ago

The Google Android platform grabbed the majority of mobile phones in the US market in early 2014, as consumers all but abandoned non-smartphone handsets, a survey showed Friday.

Hackathon team's GoogolPlex gives Siri extra powers

Apr 17, 2014

(Phys.org) —Four freshmen at the University of Pennsylvania have taken Apple's personal assistant Siri to behave as a graduate-level executive assistant which, when asked, is capable of adjusting the temperature ...

Microsoft CEO is driving data-culture mindset

Apr 16, 2014

(Phys.org) —Microsoft's future strategy: is all about leveraging data, from different sources, coming together using one cohesive Microsoft architecture. Microsoft CEO Satya Nadella on Tuesday, both in ...

User comments : 3

Adjust slider to filter visible comments by rank

Display comments: newest first

gwrede
2 / 5 (3) Jan 07, 2012
Well, if nothing else, we will at least see a profound change in how "virus" software and antivirus software will compete in the next few years.

While earlier the competition and staple action was between viruses and anti-virus products, we now will increasingly see the action and battle of anarchist groups vs the establishment in headlines. Personally, I believe that there will be a proliferation of whistle-blower sites, a-groups aspiring for global fame for their "robin-hoodian" endeavours, the old anti-virus companies trying to establish a foothold in the new environment, and young people living and embracing this new environment before we older folks even understand there's been a change.
Argiod
1.8 / 5 (4) Jan 08, 2012
...old code or not, this shows that somebody got past Symantec's current A/V software to get at it...
So, if Symantec cannot effectively keep hackers out if IT'S files... how well will their software protect OUR systems?
Manhar
1 / 5 (1) Feb 14, 2012
It is surprising that Indian hackers reached to this stage. India is heavily corrupted country and these hackers can be brought to trial easily. However along with name Dharmaraja in to bracket DAVID should have clarifid the meaning of the name.

More news stories

Researchers uncover likely creator of Bitcoin

The primary author of the celebrated Bitcoin paper, and therefore probable creator of Bitcoin, is most likely Nick Szabo, a blogger and former George Washington University law professor, according to students ...

LinkedIn membership hits 300 million

The career-focused social network LinkedIn announced Friday it has 300 million members, with more than half the total outside the United States.

Impact glass stores biodata for millions of years

(Phys.org) —Bits of plant life encapsulated in molten glass by asteroid and comet impacts millions of years ago give geologists information about climate and life forms on the ancient Earth. Scientists ...