This could be one of the biggest disasters for a company. Hackers stole the source code of Symantec’s pcAnywhere back in 2006 and have now claimed to release it to public. In the meantime hackers stole all source code for all the Symantec products i.e Norton Antivirus, Norton works, Internet security, etc.
The hackers had been threatening Symantec in a series of e-mail negotiations with what they thought were representatives of Symantec. The group is known as Yamatough, Indian hacker force operating under the umbrella of Anonymous, had been demanding a $50,000 payoff from Symantec to keep the source code private. Emails are published to Pastebin. Hackers tell Reuters that their intention was never to get the money but to release the code.
“All the Symantec source codes are now on sale! PcAnywhere, System Works, Internet Security and Norton GoBack with Utilities, NAV”, hacker said in one of his tweets. Source code is now available on Pirate bay.
“At this time, Symantec recommends disabling the product until we release a final set of software updates that resolve currently known vulnerability risks.”
“We have been conducting direct outreach to our customers since January 23 to reiterate that in addition to applying all relevant patches that have been released, customers should also ensure that PCAnywhere version 12.5 is installed, and follow general security best practices.”
On January 23, Symantec released a patch to secure PCAnywhere 12.5. And then on January 27, the company rolled out another patch directed toward PCAnywhere versions 12.0 and 12.1. The hackers, who call themselves The Lords of Dharmaraja, originally claimed they found the code after breaking into servers run by Indian military intelligence. But Symantec later revealed that the group had captured the code for PCAnywhere and other products by breaking into the security vendor’s own network in 2006.
But Symantec has insisted that since all the source code dates back to 2006, customers of the current versions of these products are at no risk. Though that may be true, the entire incident does raise the question of how a security vendor, of all companies, would be so vulnerable that its key source code could be stolen.
“As the extortion attempt by Anonymous indicates, we’re working with law enforcement right now, Therefore, given the active investigation, we’re not in a position to provide specifics on the incident at this time.”
Symantec is of course sitting silent, they are working on a number of things in order to prevent such mistakes in future:
Improved Network Defenses, Compartmentalized Access to Information, Improved Source Code Security, Improved Process Controls, Employee Education.
Anonymous believed that companies like Symantec had been creating scareware, malwares and spreading them to networks in order to scare users and promote it’s security products. What do you think, is that what Symantec and other security companies do?