Symantec Admits Its Networks Were Hacked in 2006 - Slashdot

Slashdot is powered by your submissions, so send in your scoop

×

Symantec Admits Its Networks Were Hacked in 2006 113

Posted by Soulskill on Thursday January 19, 2012 @11:51AM from the timely-disclosure dept.

Orome1 writes "After having first claimed that the source code leaked by Indian hacking group Dharmaraja was not stolen through a breach of its networks, but possibly by compromising the networks of a third-party entity, Symantec backpedalled and announced that the code seems to have exfiltrated during a 2006 breach of its systems. Symantec spokesman Cris Paden has confirmed that unknown hackers have managed to get their hands on the source code to the following Symantec solutions: Norton Antivirus Corporate Edition, Norton Internet Security, Norton Utilities, Norton GoBack and pcAnywhere."

This discussion has been archived. No new comments can be posted.

Symantec Admits Its Networks Were Hacked in 2006

Search 113 Comments Log In/Create an Account

Comments Filter:

Surely this is a good thing... (Score:5, Insightful)

by el3mentary ( 1349033 ) writes: on Thursday January 19, 2012 @11:57AM (#38748486)

Surely this is a good thing, the hackers might release an anti-virus for Norton

Share
twitter facebook
Re:Thanks a bunch (Score:5, Insightful)

by Synerg1y ( 2169962 ) writes: on Thursday January 19, 2012 @12:09PM (#38748642)

Realize that no piece of security software will keep you safe indefinitely from a determined hacker. That applies to security companies as well.

Parent Share
twitter facebook
Re:Thanks a bunch (Score:3, Insightful)

by Dishevel ( 1105119 ) writes: on Thursday January 19, 2012 @12:27PM (#38748874)

You are saying (with a straight face) that having the source code that describes in detail how the software goes about removing viruses is of no use to the people who write them? Go to a doctor immediately and get checked out for massive brain tumors.

Parent Share
twitter facebook
Re:Thanks a bunch (Score:4, Insightful)

by DarkOx ( 621550 ) writes: on Thursday January 19, 2012 @12:38PM (#38748982) Journal

Other than perhaps finding sploits in Symantec itself no I don't expect looking at virus removal code to be terribly useful to those developing malicious code.
Look yes the AV stuff gets its hooks in pretty deep but until they start implementing their own filesystem drivers and stuff like that (they don't, not on desktops anyway) then there is a finite set of APIs and syscalls they can use. They are mostly documented, or otherwise known. Reading the source to Symantec's AV scanner is not going to give you a lot of insight into how to write something it can't clean up.

Parent Share
twitter facebook
Re:Thanks a bunch (Score:5, Insightful)

by rickb928 ( 945187 ) writes: on Thursday January 19, 2012 @12:50PM (#38749150) Homepage Journal

How they use their signatures and heuristics to detect threats is of great use to attackers. Thinking otherwise is naive.

Parent Share
twitter facebook
Re:Thanks a bunch (Score:4, Insightful)

by forkfail ( 228161 ) writes: on Thursday January 19, 2012 @12:51PM (#38749166)

Horrible analogy, because the scenario is adversarial in nature.
A far better one would be that the other team just stole your playbook. Your QB still throws the same, your receivers run just as fast, your linebackers still do their thing, but now the other team can anticipate all your plays and outwit you far more often.

Parent Share
twitter facebook

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

Related Links Top of the: day, week, month.

390 comments32-Hour Workweek for America Proposed by Senator Bernie Sanders
358 commentsWhat Should Happen to Empty Downtown Office Spaces?
340 commentsHacktivism Erupts In Response To Hamas-Israel War
324 comments'Feedback' Is Now Too Harsh. The New Word is 'Feedforward'
248 commentsWorkers are Resisting Calls to Return to Offices

8 Catfish = 1 Octo-puss