Monday, January 16, 2012

Hacker threatens to release complete Norton Antivirus source code on Tuesday

A hacker who goes by the handle "Yama Tough" has announced that he will post the full source code of Symantec Corp's Norton Antivirus software. As we reported earlier, however, the source code that was hacked from Indian government servers wasn't for Symantec's flagship Norton product, but instead for old (and we mean old) enterprise security software.

The source code was given to the Indian government in order for them to inspected by them to "ensure" that the product was secure. The authorities left the code on servers which were then accessed by the hackers, showing that the product may have been secure, but the Indian servers were not.

"Yama Tough" has already posted snippets of the code. The code released on Pastebin so far points to the code being from 1999. Symantec itself earlier said the code was from obsolete Enterprise products, not their Norton Security line of consumer products.

"Yama Tough" Tweeted: "This comming (sic) Tuesday behold the full Norton Antivirus 1,7Gb src, the rest will follow,"

In their latest statement, Symantec said:

Kaspersky Anti-Virus 2012
"The code for Norton Utilities that was posted publicly is related to the 2006 version ... [and is] no longer sold or supported.

"The current version of Norton Utilities has been completely rebuilt and shares no common code with Norton Utilities 2006. The code that has been posted for the 2006 version poses no security threat to users of the current version of Norton Utilities."

Odds are that neither hackers or competitors will get much information out of this release, at least not current, up-to-date information. Still, despite the fact that the insecure servers were India government servers, there is still nothing so embarrassing as a security firm hacked in one way or another.

No comments: