V3.co.uk

Symantec confirms theft of Norton AV source code by hackers

Firm reassures customers code at risk is old and mostly unused

0 Comments

Security vendor Symantec has admitted that a "segment" of its source code has been compromised after hackers claimed to have gained access to the information by attacking Indian military servers using its products.

A post on Pastebin, which has been removed but remains in the form of a Google cache, claims that the information relates to Symantec's Norton AntiVirus software and will be released online in the near future.

The security company said it was working to identify how the information had been accessed. However, it said the code in question was only used in "two older enterprise products", one of which is now discontinued, while the code itself was "four or five years old".

"We are still gathering information on the details and are not in a position to provide specifics on the third party involved. Presently, we have no indication the code disclosure impacts the functionality or security of Symantec's solutions," the company said.

"This does not affect Symantec's Norton products for our consumer customers. Symantec's own network was not breached, but rather that of a third-party entity."

Symantec added that it did not believe any customer information was at risk, but it was still investigating the possibility.

Despite the embarrassing aspect of the theft, security firm Imperva agreed that it was unlikely to concern those at Symantec too much.

"There isn't much hackers can learn from the code, which they hadn't known before," Imperva said.

"Most of the anti-virus product is based on attack signatures. By basing defences on signatures, malware authors continuously write malware to evade signature detection.

"Furthermore, malware versions continuously evolve in such a rate where signatures cannot keep up with them in the first place. The workings of most of the anti-virus algorithms have also been studied already by hackers in order to write the malware that defeats them."

The firm added that the theft could well have occurred from an attack on the Indian military, explaining that governments often demand access to the original source code of products to ensure they are not spyware.

V3 Latest