Hackers Threaten to Reveal Norton Source Code, Symantec Shrugs

rated by 0 users
This post has 8 Replies | 2 Followers

Top 10 Contributor
Posts 26,334
Points 1,191,040
Joined: Sep 2007
News Posted: Fri, Jan 6 2012 4:18 PM
In a post on pastebin (which has been removed, though it is cached here), a hacker group called the Lords of Dharmaraja claimed that it hacked an Indian Military Intelligence server and snagged source codes from a dozen different companies, most notably (apparently) the source code to Symantec’s Norton Antivirus.

The group posted a file it said “describes the application programming interface specifications required for generating virus definitions automatically from the Immune System analysis center.”

Obviously, the ability to for cyber ne’er-do-wells to dig into one of Symantec’s flagship products (especially as users rely on it to ward off malware) and share the ability to do so with the public could be catastrophic for the company, not to mention some of its subscribers.

However, in an email to NYT’s Bits blog, a Synamtec spokesperson essentially shrugged off the hacker group’s threats, noting that the document they uncovered was from 1999 and doesn’t actually contain any source code. This, despite the group’s claims that is does indeed have the source code--making the 1999 document just a teaser--and apparently plans to release it soon.

Even if the group has source code from 1999, it would likely be fairly ancient by tech standards; the malware/antimalware war is one that moves quickly, with security professionals working fast to keep pace with malware makers, and vice versa. Having such code might be akin to finding the plans for an enemy tank that you’ve already captured and stripped to its frame; a helpful document, perhaps, but probably not one that spells doom for the other side.

Part of the original Lords of Dharmaraja post on pastebin

A post on the subject at Internet security company Imperva noted, “The workings of most of the anti-virus’ algorithms have also been studied already by hackers in order to write the malware that defeats them. A key benefit of having the source code could be in the hands of the competitors.” Even so, one wonders if the same logic applies; this code may be old, worthless news even to Symantec’s competition.

It’s likely that only Symantec knows how much of a problem the release of this source code really is.

Regardless of what happens with Norton Antivirus, this story has a couple of other unsettling details. For one thing, it’s never a good sign when a government intelligence agency can be hacked by renegades. Furthermore, the Lords of Dharmaraja claimed to have pilfered the source code for a dozen companies total, which means that if they indeed have any code germane to current versions of important software, there are 11 other companies (and their customers) that need to watch out.
  • | Post Points: 95
Top 100 Contributor
Posts 1,016
Points 10,925
Joined: Dec 2010
Location: Mcallen, Texas
OSunday replied on Fri, Jan 6 2012 5:30 PM

Hackers found something they thought was notworthy, try to get attention from it, only to find out their "uncovered treasure" isn't worth much...

Silly Lords of Dharmaraja

  • | Post Points: 20
Top 10 Contributor
Posts 6,374
Points 80,315
Joined: Nov 2004
Location: United States, Arizona

What is the point these days for hacking some company?

"Never trust a computer you can't throw out a window."




G.Skill Ripjaws X 16gb PC2133

Antec P280

Corsair H100

Asus Blu-ray burner

Seasonic X650 PSU

Patriot Pyro 128gb SSD

  • | Post Points: 20
Top 100 Contributor
Posts 1,103
Points 11,175
Joined: Jun 2010
Location: Pennsylvania
CDeeter replied on Fri, Jan 6 2012 7:55 PM

The question that comes to mind is, why does the Indian Military Intelligence have Norton's source code (no matter how old) on their server in the first place?

  • | Post Points: 20
Top 10 Contributor
Posts 8,682
Points 104,315
Joined: Apr 2009
Location: Shenandoah Valley, Virginia
realneil replied on Fri, Jan 6 2012 10:54 PM

Bye Spammer!

That said,.......I quit using Norton years ago. Too expensive and lousy protection compared to other, free, solutions that are out there. I really did love Norton though, they kept people coming to me to fix their PC that were infected.

Those were the days.

Dogs are great judges of character, and if your dog doesn't like somebody being around, you shouldn't trust them.

  • | Post Points: 5
Top 25 Contributor
Posts 3,795
Points 40,670
Joined: Jan 2010
Location: New York
Inspector replied on Sat, Jan 7 2012 12:14 AM

CDeeter, maybe they were working together on something back then. It does say they had agreements together. Hackers have to mess with everything :(

  • | Post Points: 5
Not Ranked
Posts 5
Points 40
Joined: Jan 2012

Simple. It gives the attacker power and control even though is of false pretense. Apparently, they wanted to scare Symantec, but clearly the company beat them to their game. Still, this has to be a little nerving as they got code even if it's an ancient code, and it will be a matter of time before they can get to the real thing.

Born to love electronics, how about you?

  • | Post Points: 5
Top 50 Contributor
Posts 3,236
Points 37,910
Joined: Mar 2010
AKwyn replied on Sun, Jan 8 2012 1:39 AM

Eh. I don't use Norton or any of the big anti-virus programs out there; MSE does everything that I need to do for free, though if there's one anti-virus program I would pay for. It'd be NOD32.


"The future starts with you; now start posting more!"

  • | Post Points: 5
Not Ranked
Posts 54
Points 450
Joined: Oct 2011
KreepyK replied on Sun, Jan 8 2012 6:29 PM

I found the article a bit confusing on that point. Did the group hack the indian server but acquired the codes from different sources or did they get the codes from that server which raise the question you have asked.

  • | Post Points: 5
Page 1 of 1 (9 items) | RSS