The Tech Herald

Symantec source code leak is nothing special

by Steve Ragan - Jan 6 2012, 13:00

Symantec source code leak is nothing special. (IMG: Symantec)

On Wednesday, an Indian group calling themselves the Lords of Dharmaraja, said they plan to publish Symantec source code discovered after they hacked servers maintained by India’s Military Intelligence. To prove their point, they posted some of the collected data.

The group said that they plan to publish everything taken from the Indian government, starting with what was accessed on the servers maintained by the intelligence sector. In addition to the Symantec data, the group claimed to have discovered “source codes of a dozen software companies which have signed agreements with Indian TANCS programme and CBI.”

“Now we release confidential documentation we encountered of Symantec corporation and it's Norton AntiVirus source code which we are going to publish later on, we are working out mirrors as of now since we experience extreme pressure and censorship from US and India government agencies,” the group promoted.

Security firm Imperva commented on the group’s claims, noting that Indian group’s actions are an embarrassment on Symantec’s part.

“As a major DLP vendor, this is quite embarrassing on Symantec’s part. It’s reasonable to assume that the retrieval of such a list could be a result of the files residing on a test server, which was mistakenly exposed, or a posting to FTP which unintentionally became public. It also seems, if you trust the hackers' boasting, that the code was obtained from the Indian military. Many governments do require source code from vendors to prove the software isn't spyware,” commented Imperva’s Rob Rachwald.

“If the rumors turn out to be true, the implications of the anti-virus code leakage will not keep the Symantec folks awake too late at night, and certainly not their customers. After all, there isn’t much hackers can learn from the code which they hadn’t known before.”

As it turns out, the preview code and documentation released by the group is nothing special. Symantec’s Cris Paden said that the published data is from 1999, and explains how the software is designed to work. He added that Symantec was investigating claims made by the group, which threatened to publish the actual source code used by Norton Anti-Virus.

Examining the release, Paden’s observations are completely correct, as the document explains how to use Symantec’s API and nothing more. Thus, Symantec honestly has no reason to lose any sleep, as Rachwald explained. We’d go do far as to say this isn’t even embarrassing, because Symantec will share the API documentation with anyone who needs it, including governments.

At this point, the group has not made good on their publication threat.



Symantec has confirmed that the source code for Symantec Endpoint Protection 11.0 and Symantec Antivirus 10.2 has been obtained by the group. There is no word if it has actually been published. The code for SEP is four years old, the company said, and Symantec Antivirus has been discontinued. Customers still using SAV due to support contracts can expect to be contacted by Symantec as they figure things out.


Around the Web

Comment on this Story

comments powered by Disqus


Suzuki to Unveil New Vitara at Paris Motor Show

Suzuki has announced today that the all-new Vitara will be revealed at the Paris Motor Show....

New Volvo XC90 Videos

We have added some video of the new 2014 Volvo Xc90. The much anticipated SUV has finally be...

2014 Volvo XC90 Details

Volvo have unveiled the much anticipated new version of their SUV the Volvo XC90. Popular wi...

2014 Volvo XC90 Pictures

We have added some great pictures of the all-new Volvo XC90. Volvo have finally launched the...

Stephane Roncada Joins MX vs. ATV Supercross Team

Former Kawasaki factory rider and 250cc East champion Stephane Roncada has joined the team d...