Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Symantec verifies stolen source code posted by Anonymous is "legitimate"

Ellen Messmer | Feb. 8, 2012
Symantec is in an ongoing fight against hackers in the group Anonymous that last January attempted to extort a payment of around $50,000 from Symantec in exchange for not publicly posting stolen Symantec source code they had stolen for various older Symantec security products dating to 2006.

The threat from Anonymous to post the pcAnywhere source code has had Symantec in high gear the last few weeks, releasing patches since Jan. 23 "to protect users against attacks that might transpire as a result of the code being made public," the security firm says. "We have been conducting direct outreach to our customers since Jan. 23rd to reiterate that, in addition to applying all relevant patches that have been released, we've also counseled customers to ensure that pcAnywhere version 12.5 is installed, and to follow general security practices."

Symantec says it has not yet determined how the hackers exactly obtained the cache of older source code they now have. "It is part of an original cache of code for 2006 versions of the products," Paden states. "We still have not determined how Anonymous came into possession of the 2006 source code." He adds the investigation by both Symantec and its partners in the law-enforcement community (which it declines to name) is still ongoing. "The incident is not resolved." This law-enforcement sting being the focus of press coverage isn't helping.

 

Previous Page  1  2 

Sign up for Computerworld eNewsletters.