The Tech Herald

Symantec source code leak is nothing special

by Steve Ragan - Jan 6 2012, 13:00


On Wednesday, an Indian group calling themselves the Lords of Dharmaraja said they plan to publish Symantec source code discovered after they hacked servers maintained by India’s Military Intelligence. To prove their point, they posted some of the collected data.

The group said that they plan to publish everything taken from the Indian government, starting with what was accessed on the servers maintained by the intelligence sector. In addition to the Symantec data, the group claimed to have discovered “source codes of a dozen software companies which have signed agreements with Indian TANCS programme and CBI.”

“Now we release confidential documentation we encountered of Symantec corporation and its Norton AntiVirus source code which we are going to publish later on, we are working out mirrors as of now since we experience extreme pressure and censorship from US and India government agencies,” the group promoted.

Security firm Imperva commented on the group’s claims, noting that the Indian group’s actions are an embarrassment on Symantec’s part.

“As a major DLP vendor, this is quite embarrassing on Symantec’s part. It’s reasonable to assume that the retrieval of such a list could be a result of the files residing on a test server, which was mistakenly exposed, or a posting to FTP which unintentionally became public. It also seems, if you trust the hackers' boasting, that the code was obtained from the Indian military. Many governments do require source code from vendors to prove the software isn't spyware,” commented Imperva’s Rob Rachwald.

“If the rumors turn out to be true, the implications of the anti-virus code leakage will not keep the Symantec folks awake too late at night, and certainly not their customers. After all, there isn’t much hackers can learn from the code which they hadn’t known before.”

As it turns out, the preview code and documentation released by the group is nothing special. Symantec’s Cris Paden said that the published data is from 1999, and explains how the software is designed to work. He added that Symantec was investigating claims made by the group, which threatened to publish the actual source code used by Norton Anti-Virus.

An examination of the release shows that Paden’s observations are completely correct, as the document explains how to use Symantec’s API and nothing more. Thus, Symantec honestly has no reason to lose any sleep, as Rachwald explained. We’d go so far as to say this isn’t even embarrassing, because Symantec will share the API documentation with anyone who needs it, including governments.

At this point, the group has not made good on their publication threat.



Symantec has confirmed that the source code for Symantec Endpoint Protection 11.0 and Symantec Antivirus 10.2 has been obtained by the group. There is no word if it has actually been published. The code for SEP is four years old, the company said, and Symantec Antivirus has been discontinued. Customers still using SAV due to support contracts can expect to be contacted by Symantec as they figure things out.

