The Tech Herald

Symantec source code leak is nothing special

by Steve Ragan - Jan 6 2012, 13:00

Symantec source code leak is nothing special. (IMG: Symantec)

On Wednesday, an Indian group calling themselves the Lords of Dharmaraja, said they plan to publish Symantec source code discovered after they hacked servers maintained by India’s Military Intelligence. To prove their point, they posted some of the collected data.

The group said that they plan to publish everything taken from the Indian government, starting with what was accessed on the servers maintained by the intelligence sector. In addition to the Symantec data, the group claimed to have discovered “source codes of a dozen software companies which have signed agreements with Indian TANCS programme and CBI.”

“Now we release confidential documentation we encountered of Symantec corporation and it's Norton AntiVirus source code which we are going to publish later on, we are working out mirrors as of now since we experience extreme pressure and censorship from US and India government agencies,” the group promoted.

Security firm Imperva commented on the group’s claims, noting that Indian group’s actions are an embarrassment on Symantec’s part.

“As a major DLP vendor, this is quite embarrassing on Symantec’s part. It’s reasonable to assume that the retrieval of such a list could be a result of the files residing on a test server, which was mistakenly exposed, or a posting to FTP which unintentionally became public. It also seems, if you trust the hackers' boasting, that the code was obtained from the Indian military. Many governments do require source code from vendors to prove the software isn't spyware,” commented Imperva’s Rob Rachwald.

“If the rumors turn out to be true, the implications of the anti-virus code leakage will not keep the Symantec folks awake too late at night, and certainly not their customers. After all, there isn’t much hackers can learn from the code which they hadn’t known before.”

As it turns out, the preview code and documentation released by the group is nothing special. Symantec’s Cris Paden said that the published data is from 1999, and explains how the software is designed to work. He added that Symantec was investigating claims made by the group, which threatened to publish the actual source code used by Norton Anti-Virus.

Examining the release, Paden’s observations are completely correct, as the document explains how to use Symantec’s API and nothing more. Thus, Symantec honestly has no reason to lose any sleep, as Rachwald explained. We’d go do far as to say this isn’t even embarrassing, because Symantec will share the API documentation with anyone who needs it, including governments.

At this point, the group has not made good on their publication threat.



Symantec has confirmed that the source code for Symantec Endpoint Protection 11.0 and Symantec Antivirus 10.2 has been obtained by the group. There is no word if it has actually been published. The code for SEP is four years old, the company said, and Symantec Antivirus has been discontinued. Customers still using SAV due to support contracts can expect to be contacted by Symantec as they figure things out.


Around the Web

Comment on this Story

comments powered by Disqus


Chevy Colorado And GMC Canyon Ship To Dealers

General Motors have started shipping their new 2015 Chevy Colorado and 2015 GMC Canyon to de...

Aston Martin Vanquish Carbon Edition Pictures

Aston Martin have revealed some properly moody pictures of their new black and white Vanquis...

Nissan GT-R NISMO Available in Gran Turismo 6

Nissan and Sony have added the new Nissan GT-R NISMO to the in-game dealerships in  Gra...

2015 Kia Soul EV Prices

Kia have announced prices for their all-new Kia Soul EV. The company says this is their firs...

Celebrity Photographer Uli Weber Lauches New Goodwood Revival Book

Celebrity and fashion photographer Uli Weber is to launch a new book at this year’s Goodwood...