Hacker to Release Symantec's PCAnywhere Source Code

Monday, January 16, 2012

Anthony M. Freed


Update: Symantec Hacked in 2006? Claim Raises More Questions

Symantec now claims that the company's own networks were in fact breached back in 2006, leading to the loss of proprietary product data: "...an investigation into the matter had revealed that the company's networks had indeed been compromised"...

*   *   *

Update: “The Lords of Dharmaraja” may have decided to alter their announced plans to release source code for Symantec's PCAnywhere software and the Norton antivirus.

YamaTough tweeted "Heil to our brothers @#antisec who support us. PCAnywhere code is being released to blackhat community for 0d expltin!" along with "We've decided not to release code to the public until we get full of it =) 1st we'll own evrthn we can by 0din' the sym code & pour mayhem."

Infosec Island asked the hacktivist for clarification, to which he replied, "it wil be but not as public release a decision was made to 0day everything we got and than make it public."

Infosec Island is currently seeking further clarification on the hacktivist group's plans.

*   *   *

YamaTough, the spokesperson for the hacktivist group “The Lords of Dharmaraja”, has informed Infosec Island of plans to release source code for Symantec's PCAnywhere software.

The release is to be made prior to the threatened exposure of the full source code for the 2006 version of Symantec's Norton antivirus, and the releases will apparently be coordinated through the defacto-leader of the Anonymous movement known as "Sabu":

"Lords of Dharmaraja has sent #antisec Symantec source codes for 0day-plundering. All your NU+PCAnywhere base are belong to us. Release soon," Sabu tweeted on Monday, January 16, 2012.

"This coming Tuesday behold the full Norton Antivirus 1,7Gb src, the rest will follow," YamTough had tweeted on Saturday, January 14, 2012.

The group claims that the release will demonstrate that newer releases of the remote access tool are simply re-packaged versions of previous releases with little in the way of significant changes to the software.

"Weve got some nice things resolved with other companies they are not that slow thinking as symantec but now we know that they fool people aroung by selling them software which is not rebuilt but only have nice wrapper and a few new features - PCAnywhere 2Gb code will be prior to NAV full. And Sabu shall take care of it," YamaTough told Infosec Island (quote remains unedited for grammar).

On Friday January 13, 2012, the group claimed to have released the source code for Symantec's Norton Utilities, as had been threatened earlier in the day in an Infosec Island article comment thread:

"Today we release Norton Utilities to accompany Symantec lawsuit. Goodluck Mr.Gross with ya crusade =) Stay tuned for a link. Link will get published on our twitter, not here - of all respect to infosec staff," YamaTough posted.

The reference to "Mr. Gross" is related to a class action lawsuit filed James Gross which alleges Symantec has employed the use of "scareware"  tactics to induce consumers to purchase the company's products.

Reports indicate the code that was released was for the 2006 version of the Symantec product:

“The current version of Norton Utilities has been completely rebuilt and shares no common code with Norton Utilities 2006,” Reuters quoted Symantec spokesman Cris Paden as stating.

The hacktivist previously provided Infosec Island 68 sets of usernames and passwords for compromised US government networks, as well as a file alleged to contain source code for Symantec’s Norton antivirus (NAV) software, which Symantec later confirmed was for older versions of the software dating from 2006.

Yamatough indicated that the data represented merely a “sample”, and the group may potentially have thousands of passwords for US government networks ranging from those of federal agencies to systems used by state and municipal entities.

The government network logins and source code sample, along with all communications with the hacktivist, were passed on to the proper authorities, and Infosec Island is continuing to fully cooperate with law enforcement in their investigation.

YamaTough also furnished Infosec Island with a series of statements regarding the group's recent exploits in an exclusive interview. The hacktivist group maintains claims that the information was obtained from servers owned and operated by various ministries of the Indian government.

The usernames and passwords provide strong evidence that the Indian government may be actively engaged in espionage directed against the US government.

YamaTough has also indicated the group is in possession of data from numerous companies other than Symantec, and they have yet to decide whether or not they will make the information public, though they have stated to Infosec Island that they may be inclined to do so.

More details on the source code dumps to follow as details emerge. Stay tuned...

Possibly Related Articles:
Information Security
Antivirus Infosec Island Utilities Symantec Espionage Anonymous hackers Norton Source Code AntiSec Data Dump India The Lords of Dharmaraja YamaTough Gross v Symantec Anthony M. Freed PCAnywhere Sabu
Post Rating I Like this!
Bobby Mann Seems like Yama and company are full of shit and only have old symantec source. This "Smells" of an internal job, not a breach of India Military. Doesn't it seem odd that all of these source trees are "consumer" products? Why does Yama and company only pick on Symantec? Because that is all they have. I feel this is likely a disgruntled employee that has furnished the group with the old code, or a programmer system (home likely) that was breached. This is not from the Indian Government, and so far there has been absolutely nothing that has indicated otherwise. Someone has a grudge against Symantec. I want to see proof that Yama has code from other countries before they can be believed. Let's see it Yama.. your move.
Bobby Mann Interesting that this faction of anonymous would choose to release the day after a US holiday? Coincidence? I suspect Yama is not Indian and is in the US..May not even be male, most certainly isn't human. hahaha.
Bobby Mann Sorry, in my post I meant to write "I want to see some proof that Yama has code from other COMPANIES before he can be believed."
Bobby Mann Michael, I'm just asking to see proof (even a small snippett) that backs up these claims. It's part of the story. Oh, but I forgot, you guys don't want to go after the real story - you prefer to give full airtime and support these terrorists.
David Noergaard UPDATE: Symantec has confirmed this is not code from India, but rather a theft of sourcecode from the company back in 2006. Guess BobbyMann was right. Looks like Anonymous has simply obtained code from a theft and are using it to impact relations between various countries.
Bobby Mann Also, I see that patches have been released for customers of PCAnywhere to address vulnerabilities..first step I guess.
Bri Bella I have read this story on http://www.doneassignment.co.uk/assignment-experts.php and I am waiting for a long for the release of this source code. I will be interesting and useful too
lewis paul Completely agreed with this story. Quality assurance should be our priority while supplying. I am following http://www.writingessayz.com to be expert in it.
Jerry Shaw I honestly enjoy fascinating content like this. This is a great post. The points are presented in a special fashion and also the material is very nicely written.
John Smith Packers and Movers Bangalore @ http://6th.in/packers-and-movers-bangalore/
Packers and Movers Delhi @ http://6th.in/packers-and-movers-delhi/
Packers and Movers Mumbai @ http://6th.in/packers-and-movers-mumbai/
Packers and Movers Hyderabad @ http://6th.in/packers-and-movers-hyderabad/
Packers and Movers Pune @ http://6th.in/packers-and-movers-pune/
Packers and Movers Gurgaon @ http://6th.in/packers-and-movers-gurgaon/
Packers and Movers Chandigarh @ http://6th.in/packers-and-movers-chandigarh/
anaki liko I Really enjoyed your blog. I just bookmarked it. I am a regular visitor of your website I will share It with my friends .Thanks. http://www.friv2game.org
sudhanshu Mishra Best5th.in represents a list of best 5 pre-screened packers and movers of India. You do not go anywhere to collect estimates of good moving companies. Just fill our query form available at this site to obtain free estimates of best companies. Compare estimates and decide yourself to select the best available option.
For more information about professional movers and packers companies and their helpful relocation services you may visit the websites: http://www.localpackersmoversinbangalore.in/
sudhanshu Mishra For more information about professional movers and packers companies and their helpful relocation services you may visit the websites:
Packers and movers delhi @ http://best5th.in/packers-movers-delhi/
Movers and packers delhi @ http://localpackersmovers.in/delhi/
packers and movers panipat @ http://localpackersmovers.in/delhi/packers-and-movers-ncr/panipat.html
packers and movers sonipat @ http://localpackersmovers.in/delhi/packers-and-movers-ncr/sonipat.html
packers and movers faridabad @ http://localpackersmovers.in/delhi/packers-and-movers-ncr/faridabad.html
packers and movers Ggaziabad @ http://localpackersmovers.in/delhi/packers-and-movers-ncr/ghaziabad.html
packers and movers Noida @ http://localpackersmovers.in/delhi/packers-and-movers-ncr/noida.html
Assignment help Your post is so nice in reading and blog on hackers is so informative and interesting...

Jerry Shaw Shifting costs from your capital expense with an operational one, the opportunity to scale along when necessary, as well as the Web-based nature of an cloud-based solution combine to create selecting a Web-based CMMS a fantastic selection for maintenance departments of all sizes. Whether you should begin small and grow or have already got any excuses for a completely functional solution, a Web-based CMMS delivers!

The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.

Most Liked