[Update 2012/02/07: Symantec claims hackers attempted to extort money in exchange for keeping the source code private. Source]
[Update 2012/01/26: Symantec has advised customers to take their copies of pcAnywhere offline as the company continues to struggle with the aftermath of a major data breach. Source ]
[Update 2012/01/17: Symantec has backtracked its original statement and now admits its own network was involved in the compromise, not a third party. In addition to the original source admitted to be compromised, Symantec has also confirmed that Norton Antivirus Corporate Edition, Norton Internet Security, Norton Utilities, Norton GoBack and pcAnywhere, had been stolen.Source ]
[Update 2012/01/09: Symantec confirmed the products in the source code leak are Symantec Endpoint Protection (SEP) 11.0 and Symantec Antivirus 10.2. The SEP version is 4 years old, and Antivirus 10.2 has been discontinued. Source ]

Symantec Confirms Norton AV Source Code Exposed


Anthony M. Freed


Infosec Island was provided with a file by an unidentified hacker going by the handle YamaTough which after preliminary analysis appeared to contain source code for the 2006 version of Symantec's Norton antivirus product.

Infosec Island provided Symantec with the file for analysis, which has now been completed.

Cris Paden, Sr. Manager for Corporate Communications at Symantec emailed Infosec Island editors with the following statement concerning the exposure of source code for the company's Norton antivirus product:

"Symantec can confirm that a segment of its source code has been accessed. Symantec's own network was not breached, but rather that of a third party entity."

"We are still gathering information on the details and are not in a position to provide specifics on the third party involved."

"Presently, we have no indication that the code disclosure impacts the functionality or security of Symantec's solutions. Furthermore, there are no indications that customer information has been impacted or exposed at this time."

"However, Symantec is working to develop remediation process to ensure long-term protection for our customers' information. We will communicate that process once the steps have been finalized."

"Given the early stages of the investigation, we have no further details to disclose at this time but will provide updates as we confirm additional facts.


main page ATTRITION feedback