Symantec had before stated an unnamed “third party entity” as the attack’s victim. Evidence posted by a hacker indicated the information was obtained from a server operated by the Indian government.
Two weeks ago, Symantec spokesman Cris Paden said that the hacker made off with source code of Symantec Endpoint Protection 11.0 and Symantec Antivirus 10.2, enterprise products between five and six years old. At the time, Paden downplayed the seriousness of the theft.
However, yesterday Paden said that source code of Norton Antivirus Corporate Edition, Norton Internet Security, Norton Utilities, Norton GoBack and pcAnywhere, had also been stolen.
Norton Internet Security and Norton Utilities are among Symantec’s most prominent consumer-grade products.
Fortunately for Symantec, the hacker, named Yama Tough, did not release any of the source code for Norton Antivirus, as he previously threatened.
Yama Tough wrote on Twitter on Monday: “We’ve decided not to release code to the public until we get full of it. 1st we’ll own evrthn we can by 0din’ the sym code & pour mayhem.”
In the message, “0din'” likely stands for “zero-daying,” meaning attacks launched against unpatched vulnerabilities.
Also on Monday, Yama Tough claimed that he had some or all of the source code for pcAnywhere, a multi-platform remote access suite that Symantec sells.
Paden confirmed Yama Tough’s claim when he told Reuters that pcAnywhere users face “a slightly increased security risk” because of the hacker’s activities.
“Symantec is currently in the process of reaching out to our pcAnywhere customers to make them aware of the situation and to provide remediation steps to maintain the protection of their devices and information,” Paden said.