Symantec now claims that the company's own networks were in fact breached back in 2006, leading to the loss of proprietary product data: "...an investigation into the matter had revealed that the company's networks had indeed been compromised"...
* * *
"YamaTough, spokesperson for the hacktivist group “The Lords of Dharmaraja”, informed Infosec Island of plans to release source code for Symantec's PCAnywhere. The release is to be made prior to the threatened exposure of the full source code for the Norton antivirus..."
* * *
* * *
* * *
Update: Infosec Island has been provided with a file that, after preliminary analysis, appears to contain source code for the 2006 version of Symantec's Norton antivirus product.
Infosec Island has provided Symantec with the file and are awaiting their analysis. We will not be releasing the file due to the sensitive nature of the information contained therein.
We will list the developers' usernames that were included in the file, which are as follows:
In all likelihood, the group who provided us with the data will probably be releasing the material soon. Also, YamaTough's Google+ page now displays a 404 message.
Stay tuned for more updates.
* * *
Cris Paden, Sr. Manager for Corporate Communications at Symantec, submitted the following statement in the comments section of our article on the alleged breach of the company's source code for the Norton AV product:
"Cris Paden with Symantec. Be advsied we investigated the original claim that NAV source code had been exposed and found it to the be false. The information posted was actually a document from 1999 explaining how the software worked, but did not include any actual source code. FYI."
Infosec Island contacted Paden at the Symantec company email address provided in his member profile with a request to confirm the validity of this comment, and also to ask for further details on the alleged breach.
Paden replied as follows:
Hi Anthony. Definitely me. To clarify, there were two claims made actually. The first claim was made yesterday, and we found that to be a 1999 document on how the software works. However, there were subsequent claims made about 3 hours ago that we’re investigating now. In a situation like this, it’s important to stick to the facts, so I don’t want to speculate. But I can confirm that the first claim turned out to be inaccurate.
What they’ve posted since on your site may pertain to the second claim, but we’re just not sure yet.
Does that help?
Thank you for checking with me. Very kind of you. Really appreciate it.
Meanwhile, Infosec Island Managing Editor Anthony M. Freed had a brief exchange with YamaTough, an unknown entity who claims to be involved in the alleged breach and who has subsequently made posts on Google+ with information supposedly obtained in the hack.
ANTHONY M. FREED - Thanks - so first question would be when will you release the Norton source code?
Yama Tough - As soon as we r over with the blockade we experience from Indian and US LE and Intel, since the issue not really in Symantec but In fact that India is spying on USCHINA ECON SEC commission (example William Reinsch Larry Wartzel, Dan Slane, Michael Dannis etc emails) we think since they are former CIA US and India block our mirrors and we have many of our brothers now under search and ceizure warrants pending Symantec is not a big deal they just happened to sign an agreement with Indian MI thats all the deal is what kind of stuff we;ve owneed by owneeing MEA servers...we expect to publish by 10th -16th this month.
ANTHONY M. FREED - Next, who exactly was breached in order to obtain the Norton source code?
Yama Tough - you want proofs tell me wich file you want from the list I give it to ya.
ANTHONY M. FREED - Why release it at all - what kind of statement are you trying to make?
Yama Tough - Our goal is Bharti Mittal go off politacl arena and stop manipulating our government India bought the right to spy on people worldwide by getting src from all major sft mnfctrs wegot many things to say so...
YamaTough then left a comment on a Google+ thread related to the original article we posted on the alleged breach, stating:
Tony we are uploading a tiny portion of the code send it to Symantec lolz for analysis and ask them not to deny upcoming mayhem =) The more they refuse to acknowledge the more shit pours on them ... We hate when Corporations lie - and ask them what right they had to transfer src to Indian fking Intel ? Awaiting comments from Bill Reinsch of NFTC and Michael Danis of USCC.GOV on the issue...
We sent the comment to Paden and are now awaiting a reply. Since then YamaTough has sent us links to a Pastbin post and photos of documents on Imgur stating they show the "origin of all":
We have been provided with a link to a download purported to be a sample of the source code. We have provided the link to Symantec who is in the process of analyzing it.
Paden relayed to us via email that they have only officially denied the first claim made by the alleged hackers, and are currently investigating the second claim and the data sent to them by Infosec Island.
Paden stated the following:
“Symantec is still analyzing information on subsequent claims of our source code being disclosed. The first claim pertained to having Norton Antivirus code; however, our investigation confirmed it was a document from 12 years ago saying how the solution worked. As for the second claim of additional code, we cannot confirm or deny the those claims as we are still analyzing the information.”
More updates to come...