Symantec Doing Damage Control After Hackers Threaten to Release Source Code - HotHardware
Symantec Doing Damage Control After Hackers Threaten to Release Source Code

Symantec Doing Damage Control After Hackers Threaten to Release Source Code

Earlier this month, Symantec essentially shrugged after hacker group Lords of Dharmaraja swiped source code to some Symantec products from Indian military servers and threatened to release it. Now, it appears to have been a lot of false bravado on Symantec’s part.

Symantec has publicly acknowledged the breach(es), the extent of the damage, and what customers should do about it.

In a special post on its website, Symantec said;
Our investigation continues to indicate that the theft is limited to only the code for the 2006 versions of Norton Antivirus Corporate Edition; Norton Internet Security; Norton SystemWorks (Norton Utilities and Norton GoBack); and pcAnywhere.
However, after analysis, Symantec is unconcerned about anything except for pcAnywhere. The company advises users of pcAnywhere 12.0, 12.1,12.5, and earlier to employ security best practices, use the product only for business-critical applications, and download a hotfix. Symantec has promised additional patches when and if they’re needed.

          

The company also produced a white paper to help customers understand and properly deal with the situation.

There is some ambiguity about what exactly happened and when; the Lords of Dharmaraja raid appears to have happened recently and was on third-party servers, although now, Symantec has admitted that its servers were definitely hacked at some point. Further, much of the attention has been paid to Anonymous and a 2006 source code heist. It’s not exactly clear if the two events were related, if the code recently pilfered by the Lords of Dharmaraja augmented what Anonymous already had, or if Anonymous was simply inspired to act after the Lords of Dharmaraja claims emerged a few weeks ago.



In any case, Symantec specifically addresses the 2006 attack. Vigilance is key for users of the aforementioned Symantec products, and they should stay tuned to updates from the company as new patches and possibly new information rolls in.
0
+ -

Make me trust their software even less... A company specializing in security should not be getting hacked although I am sure it is an inside job.

0
+ -

There is no such thing as 100% security, though a company like Symantec could have taken more steps to prevent something like this happening. It's too bad, their antivirus product was actually starting to get better the last couple years.

0
+ -

guys guys, if Gary McKinnon bypassed the security of what should be the most sophisticated IT systems on the planet, many of which belong to the U.S. Department of Defense and NASA, Why will be a company like symantec be an exception?

Login or Register to Comment
Post a Comment
Username:   Password: