Symantec Denies Hackers Have Norton Source Code

Steve McCaskill,

Lords of Dharamaraja claim to have stolen source code provided for the Indian military

A hacking group known as the Lords of Dharmaraja claims to have acquired source code for Symantec’s Norton Antivirus software and is threatening to release it.

The group posted an Adobe document which supposedly contained a glimpse of the code, but Symantec denied that any source code was disclosed and said it was continuing to investigate.

Lords of Dharmaraja

Symantec said that the post made on Pastebin was simply an old document that described how the software worked and insisted that its own servers had not been breached.

“We take each and every claim very seriously and have a process in place for investigating each incident,” said Symantec spokesman Cris Paden. “To date, we have not detected any inordinate or suspicious rates of traffic or activity going in or out of our networks.”

The company added in a Facebook post, “The code involved is four and five years old. This does not affect Symantec’s Norton products for our consumer customers. Symantec’s own network was not breached, but rather that of a third party entity.”

The Lords of Dharmaraja, who haven’t claimed responsibility for hacking before, maintain that they discovered the information on India’s military computer network, along with those of a “dozen software companies” which have signed agreements to share code with Indian intelligence agencies.

‘Trophy Hack’

However senior technology consultant at Sophos Graham Cluely has dismissed the group’s actions as a “trophy scalp” designed to generate publicity.

“It’s important to underline that there is presently no reason to believe that Symantec’s own servers have been breached,” commented Cluely. “Instead, it appears that the data leak may have occurred on Indian government servers – and the implication is that Symantec, and perhaps other software companies, may have been required to supply their source code to the Indian authorities.”

“It’s hard not to feel sympathy for Symantec – who appear to have been caught in the crossfire between a hacking gang and the Indian authorities,” he added.

Paul Vlissidis, technical director at NGS Secure, says that the incident has highlighted the dangers of sharing information with third parties.

“Third party suppliers can be an attractive way for cyber criminals to gain access to data and networks that would otherwise beyond their reach,” he said. “As a security firm no doubt Symantec has extremely sophisticated systems in place to protect its data. But a huge range of external suppliers, from marketing to accountants to legal firms, can all be potential vulnerabilities.”