Indian hacker lords have Symantec antivirus code

January 7, 2012 by Nancy Owano report

( -- An Indian hacker group called The Lords of Dharmaraja has laid claim to Symantec’s antivirus software code. Symantec, confirming the theft in an e-mail posted Friday, said the chunk of pilfered code was stolen from a third party, was old, and that its own network had not been breached. The group had announced they got the code and confidential information. "Symantec can confirm that a segment of its source code used in two of our older enterprise products has been accessed, one of which has been discontinued," according to a spokesman for Symantec.

The stolen code is four to five years old and the Mountain View, California, company stressed that the there were no signs that customer information had been tampered with, and they stated that their own security networks had not been breached.

The Lords of Dharmaraja say they took the files from Indian military intelligence servers.

A hacker from the group, Yama Tough, provided security site Infosec Island with files that appeared to contain from the 2006 version of Norton Antivirus. The site passed the code on to Symantec, which confirmed that the code was genuine. Symantec also pointed out that the exposed source code corresponded to its enterprise products.

Outside Symantec, reports said that the hackers gained access to source code related to Symantec Endpoint Protection (SEP) 11.0 and Symantec Antivirus 10.2; both were reportedly sitting on the Indian military servers. The Symantec Antivirus 10.2 was five years old and was discontinued but, according to Reuters, is still being serviced. SEP 11.0, utilized to block outgoing data from being leaked, was four years old and had been updated regularly since.

Security experts outside the company appear to concur with Symantec that the incident is unwelcome but not catastrophic. Fundamentally, the reaction was that there was not much the hackers could do with what they got.

“As someone who worked in the industry, I don't see a tremendous security risk to the source code release itself,” said contributor Kevin McAleavey, architect of the KNOS secure operating system and antimalware researcher, in Infosec Island.

He said the code was pre-Vista, was not 64-bit compatible, and the newer safe functions were not in use. Looking the code over, he concluded that it was indeed “genuine source code from an ancient version of their antivirus,” but at the same time could only be looked upon “by us antimalware coders as a museum exhibit, not an actual threat."

While security watchers did not see any serious consumer risks, the question being asked is, whether it is trophy, museum piece, or act of breach, however termed, but at what enterprise-business price? Analysts say that any hacker publicity involving a security software company can never be an easy ride for the affected vendor.

Explore further: Naughty Norton: Symantec Fixes Flaw in Security Software

Related Stories

iOS still safer than Android, according to Symantec report

June 29, 2011

( -- Since the Android OS came out people have been comparing it to the iOS. One of the most important debates has been about the relative security of the two operating systems. The iOS is rather closed, with ...

Recommended for you

Making it easier to collaborate on code

October 26, 2016

Git is an open-source system with a polarizing reputation among programmers. It's a powerful tool to help developers track changes to code, but many view it as prohibitively difficult to use.

Dutch unveil giant vacuum to clean outside air

October 25, 2016

Dutch inventors Tuesday unveiled what they called the world's first giant outside air vacuum cleaner—a large purifying system intended to filter out toxic tiny particles from the atmosphere surrounding the machine.


Adjust slider to filter visible comments by rank

Display comments: newest first

Jan 07, 2012
This comment has been removed by a moderator.
2 / 5 (3) Jan 07, 2012
Well, if nothing else, we will at least see a profound change in how "virus" software and antivirus software will compete in the next few years.

While earlier the competition and staple action was between viruses and anti-virus products, we now will increasingly see the action and battle of anarchist groups vs the establishment in headlines. Personally, I believe that there will be a proliferation of whistle-blower sites, a-groups aspiring for global fame for their "robin-hoodian" endeavours, the old anti-virus companies trying to establish a foothold in the new environment, and young people living and embracing this new environment before we older folks even understand there's been a change.
1.8 / 5 (4) Jan 08, 2012
...old code or not, this shows that somebody got past Symantec's current A/V software to get at it...
So, if Symantec cannot effectively keep hackers out if IT'S files... how well will their software protect OUR systems?
1 / 5 (1) Feb 14, 2012
It is surprising that Indian hackers reached to this stage. India is heavily corrupted country and these hackers can be brought to trial easily. However along with name Dharmaraja in to bracket DAVID should have clarifid the meaning of the name.

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.