| ||Thread Tools|
|6th January 2012, 13:02||#1|
Join Date: May 2010
Hackers steal Symantec source code
Symantec is really regretting allowing the Indian government covert or overt access to its source code.
According to SecurityWeek, a team of hackers have accessed source code related to Symantec Endpoint Protection 11.0 and Symantec Antivirus 10.2 sitting on the Indian mililtary intelligence servers.
It is not clear how James Patel of the Indian Secret Service got his paws on the source code, and it looks like they may have even handed the code over for testing before being given a lucrative government contract.
The hacker group, operating under the name Dharmaraja, said that within the Indian Spy Programme are the source codes of a dozen software companies which have signed agreements with the Indian TANCS programme and CBI.
The hackers have shown a document dated April 28, 1999, that Symantec describes as defining the application programming interface for the virus Definition Generation Service.
Cris Paden, senior manager of corporate communication for Symantec, told SecurityWeek that while this explains how the software is designed to work and contains function names, there is no actual source code present.
However, a second post entitled 'Norton AV source code file list' includes a list of file names reputedly contained within Norton AntiVirus source code package and Symantec said it was still in the process of analysing the data, but it looks like the source code has been pinched.
Rob Rachwald, Director of Security Strategy at Imperva said that there was not much hackers can learn from the code.
Most of the anti-virus product is based on attack signatures, and malware authors continuously write malware to evade signature detection, he said. Hackers could use the source code to search out and exploit vulnerabilities in the software itself but this would be a little trickier.
Competition in the cut-throat security industry would love to have the Symantec source code, SecurityWeek said. .
|6th January 2012, 17:57||#2|
Join Date: May 2002
We received an official response from Symantec regarding this stolen code:
|Thread||Thread Starter||Forum||Replies||Last Post|
|Defcon 18 Pwned By the owner What happens when you steal a hackers computer||jmke||WebNews||0||2nd January 2011 20:57|
|Eve Online Source Code Leaked||jmke||WebNews||0||15th April 2008 18:26|
|DeviceVM releases source code for Asus P5E3 Deluxe WiFi-AP||jmke||WebNews||0||22nd November 2007 13:53|
|If You're Going To Steal Software, Steal From Us: Microsoft Exec||jmke||WebNews||0||13th March 2007 11:54|
|AMD, Gigabyte Release Source-Code for Mainboardís BIOS||jmke||WebNews||0||24th February 2007 00:15|
|Source code demand saves drunken drivers||jmke||WebNews||0||10th March 2006 13:24|
|Quake III Source Code to Be Released||jmke||WebNews||0||13th August 2005 17:27|
|Hackers Steal Revenge of the Sith, Demand Ransom||jmke||WebNews||4||27th August 2004 19:14|
|Windows 2000 & Windows NT 4 Source Code Leaks||187(V)URD@||WebNews||2||13th February 2004 00:19|