January 15, 2012
Hackers Threaten To Release Norton Source Code Tuesday
The Norton Antivirus source code stolen by hackers earlier this month will be released in its entirety this upcoming Tuesday, an individual known only as "Yama Tough" said on Saturday.
According to Reuters, Yama Tough, who has released source code from Symantec products and emails from the Norton developers over the past week, tweeted, "This coming Tuesday behold the full Norton Antivirus 1,7Gb src, the rest will follow," on January 14.
In an article published online in The Times of India, Symantec spokesman Cris Paden said that the company had no additional information, "particularly with regards to any new claims Anonymous is making."
Earlier this month, Paden confirmed the hacking of the Norton Antivirus source code in an interview with Nicole Perlroth of the New York Times.
Paden told Perlroth that programming code had been obtained for two of their Norton products for businesses -- Symantec Endpoint Protection 11.0 and Symantec Antivirus 10.2, which were four and five years old respectively, according to the Times report.
"We have no indication that the code disclosure impacts the functionality or security of Symantec´s solutions," the Symantec spokesman told Perlroth in an email. "Symantec is working to develop remediation process to ensure long-term protection for our customers' information."
"Symantec is working to develop a remediation process to ensure long-term protection for our customers' information. We will communicate that process once the steps have been finalized," Paden added, according to a separate article by PCMag's Sara Yin.
Previously, Lucian Constantin of IDG News Service reported that the data had been stolen by a group of cybercriminals know as "The Lords of Dharmaraja," which means Lords of Kings of Religion in English, according to Forbes Contributor Nigam Arora. The organization claimed to have gained access to the information through the servers of Indian intelligence agencies.
While Perlroth said that source code could, in theory, be used by other hackers to either corrupt Symantec's antivirus products or write malicious code that can circumvent Norton software, John Leyden of the Register countered that "even if the leak related to up-to-date source code, it would be of only limited use to hackers, except as a 'trophy scalp'."
"If this code is four or five years old, it is likely it has evolved quite a bit," Robert Rachwald, the director of security strategy at Internet security company Imperva, told the New York Times in early January. "That said, if there are any core functions that have not evolved, then hackers could take a look at Symantec´s source code and find ways to manipulate it."
On the Net: