Indian hacker lords have Symantec antivirus code

January 7, 2012 by Nancy Owano, report

( -- An Indian hacker group called The Lords of Dharmaraja has laid claim to Symantec’s antivirus software code. Symantec, confirming the theft in an e-mail posted Friday, said the chunk of pilfered code was stolen from a third party, was old, and that its own network had not been breached. The group had announced they got the code and confidential information. "Symantec can confirm that a segment of its source code used in two of our older enterprise products has been accessed, one of which has been discontinued," according to a spokesman for Symantec.

The stolen code is four to five years old and the Mountain View, California, company stressed that the there were no signs that customer information had been tampered with, and they stated that their own security networks had not been breached.

The Lords of Dharmaraja say they took the files from Indian military intelligence servers.

A hacker from the group, Yama Tough, provided security site Infosec Island with files that appeared to contain from the 2006 version of Norton Antivirus. The site passed the code on to Symantec, which confirmed that the code was genuine. Symantec also pointed out that the exposed source code corresponded to its enterprise products.

Outside Symantec, reports said that the hackers gained access to source code related to Symantec Endpoint Protection (SEP) 11.0 and Symantec Antivirus 10.2; both were reportedly sitting on the Indian military servers. The Symantec Antivirus 10.2 was five years old and was discontinued but, according to Reuters, is still being serviced. SEP 11.0, utilized to block outgoing data from being leaked, was four years old and had been updated regularly since.

Security experts outside the company appear to concur with Symantec that the incident is unwelcome but not catastrophic. Fundamentally, the reaction was that there was not much the hackers could do with what they got.

“As someone who worked in the industry, I don't see a tremendous security risk to the source code release itself,” said contributor Kevin McAleavey, architect of the KNOS secure operating system and antimalware researcher, in Infosec Island.

He said the code was pre-Vista, was not 64-bit compatible, and the newer safe functions were not in use. Looking the code over, he concluded that it was indeed “genuine source code from an ancient version of their antivirus,” but at the same time could only be looked upon “by us antimalware coders as a museum exhibit, not an actual threat."

While security watchers did not see any serious consumer risks, the question being asked is, whether it is trophy, museum piece, or act of breach, however termed, but at what enterprise-business price? Analysts say that any hacker publicity involving a security software company can never be an easy ride for the affected vendor.

Explore further: Naughty Norton: Symantec Fixes Flaw in Security Software

Related Stories

iOS still safer than Android, according to Symantec report

June 29, 2011

( -- Since the Android OS came out people have been comparing it to the iOS. One of the most important debates has been about the relative security of the two operating systems. The iOS is rather closed, with ...

Recommended for you

Researchers find tweeting in cities lower than expected

February 20, 2018

Studying data from Twitter, University of Illinois researchers found that less people tweet per capita from larger cities than in smaller ones, indicating an unexpected trend that has implications in understanding urban pace ...

Augmented reality takes 3-D printing to next level

February 20, 2018

Cornell researchers are taking 3-D printing and 3-D modeling to a new level by using augmented reality (AR) to allow designers to design in physical space while a robotic arm rapidly prints the work.


Adjust slider to filter visible comments by rank

Display comments: newest first

Jan 07, 2012
This comment has been removed by a moderator.
2 / 5 (3) Jan 07, 2012
Well, if nothing else, we will at least see a profound change in how "virus" software and antivirus software will compete in the next few years.

While earlier the competition and staple action was between viruses and anti-virus products, we now will increasingly see the action and battle of anarchist groups vs the establishment in headlines. Personally, I believe that there will be a proliferation of whistle-blower sites, a-groups aspiring for global fame for their "robin-hoodian" endeavours, the old anti-virus companies trying to establish a foothold in the new environment, and young people living and embracing this new environment before we older folks even understand there's been a change.
1.8 / 5 (4) Jan 08, 2012
...old code or not, this shows that somebody got past Symantec's current A/V software to get at it...
So, if Symantec cannot effectively keep hackers out if IT'S files... how well will their software protect OUR systems?
1 / 5 (1) Feb 14, 2012
It is surprising that Indian hackers reached to this stage. India is heavily corrupted country and these hackers can be brought to trial easily. However along with name Dharmaraja in to bracket DAVID should have clarifid the meaning of the name.

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.