It seems that Symantec is really regretting that it allowed the Indian government covert or overt access to the company’s source code. According to media reports, a number of hackers have accessed the source code regarding Symantec Endpoint Protection 11.0 and Symantec Antivirus 10.2 located on the Indian military intelligence servers.
It is still unclear how the Indian Secret Service received the source code – the suspicions are that they simply handed the code over for testing before being offered a lucrative government contract. According to the hacker group called Dharmaraja, within the Indian Spy Program there are source codes of a dozen software firms that have signed agreements with the country’s TANCS program and CBI. The intruders have shown a document from 1999, showing that Symantec describes as defining the app programming interface for the virus Definition Generation Service.
Meanwhile, senior manager of corporate communication for Symantec told the press that although this can explain how the software was developed to work and contains function names, it didn’t have actual source code present. Nevertheless, one of the posts includes a pile of file names reputedly contained within Norton AntiVirus source code package. Although the company claimed it was still analyzing the information, it really looks like the source code has been pinched.
The experts believe that hackers can learn little from the code, since most of the anti-virus product is usually based on attack signatures, so virus creators have to continuously write malware to evade signature detection. The intruders could use the source code to search out and exploit holes in the software, but that would be a bit trickier.
It is still unclear how the Indian Secret Service received the source code – the suspicions are that they simply handed the code over for testing before being offered a lucrative government contract. According to the hacker group called Dharmaraja, within the Indian Spy Program there are source codes of a dozen software firms that have signed agreements with the country’s TANCS program and CBI. The intruders have shown a document from 1999, showing that Symantec describes as defining the app programming interface for the virus Definition Generation Service.
Meanwhile, senior manager of corporate communication for Symantec told the press that although this can explain how the software was developed to work and contains function names, it didn’t have actual source code present. Nevertheless, one of the posts includes a pile of file names reputedly contained within Norton AntiVirus source code package. Although the company claimed it was still analyzing the information, it really looks like the source code has been pinched.
The experts believe that hackers can learn little from the code, since most of the anti-virus product is usually based on attack signatures, so virus creators have to continuously write malware to evade signature detection. The intruders could use the source code to search out and exploit holes in the software, but that would be a bit trickier.
No comments:
Post a Comment