Norton AntiVirus source code leaked to hackers?

I like them that is why i care about their computer security.

 

thought you were recommending Kaspersky cos they'd upset you in some way and wanted to get your own back

 

No the explanation of there statement is that they have to try and justify what they have done,most criminals or terrorists have a reason that they think is correct/justifies them for doing things they do

 

Updated:

 

this group seems to have gone quiet after doing so much bragging about what they had managed to get and how much damage they intended doing with it!

 

They might really have just bragged about what they did and could do; it might also be possible that they are bought out by Symantec.

 

Latest Update

 

do you really think that?If that was the case the patches need not have been written/released:-sorry but I think this group are/were like lots of previous ones:-they wanted 5mins of fame!rob failed the audition for one of the current crop of reality tv shows so thought this was another route!

 

Unless that was a joke I don't get the logic there. They should be releasing patches regardless.

 

I know but doubt they paid those guys off:-imagine how other vendors would use that if it ever was proven thy had!

 

No way anybody would get paid off. If they were to spend any amount of money it would be to track them down.

 

Symantec code theft: Hackers 'attempted extortion'

"Hackers tried to extort money in exchange for keeping source code private, security firm Symantec has said.
It comes as hackers made public emails from law enforcement agents posing as a Symantec employee."

http://www.bbc.co.uk/news/technology-16927660

Snip from emails between hacker(s) seeking $50,000 and 'Symantec' (actually law enforcement): "798.If we dont hear from you in 30m we make an official announcement and put your code on sale at auction terms. We have many people who are willing to get your code. Dont f*ck with us"

 

$50000 for Indian hackers? Somebody's trying to make himself a life...........

 

50k is nothing to Norton, which is a billion dollar company.

 

Having 50k to spend isn't an issue, the problem is what would they achieve by paying them... -nothing.
They can resell leaked code in underground markets as much as they want anyway.

 

Bingo, show is on.

 

Right, they'd need assurance that the code wouldn't leak, which they couldn't have.

 

Actually i wonder what exactly can they gain with the source code? The ebst for Symantec would be to write the whole thing from scratch using proactive protection measures as far as remote control goes, only way the source code can help them is they can now finx exploits a bit easier. But still, anything can be disassembled and exploited even if you don't have source code. So this doesn't really change all this that much imo.

 

Disassembly isn't everybody's cup of tea, but with the code leaked, it won't be hard for someone to start publishing "hacking norton 101" guides, which would mean an increase in the number of targeted attacks.

However, I doubt this is going to change anything significantly in the long run.

 

Seeing source code = seeing exactly how they detect malware and weight their heuristics, all of their local techniques for using it. Not to mention vulnerabilities.

 

going from vendor A to B vendor makes no diffrence

i get about 70-100 Intrusion prevention systems (IPS) on my gateway and about 70000-100000 packet drops on my firewall every month


so its kinda mad mad world out there

http://news.softpedia.com/news/Hack...ponsible-for-40-of-Hack-Attempts-250311.shtml

http://news.softpedia.com/news/Study-on-Cybercrime-Reveals-Costs-114-Billion-Annually-220628.shtml

 

Some sites are reporting this as the hackers tried to extort the money, other are reporting that Symantec offered it. I am sure Symantec didn't offer it. There is no way the hackers could be trusted. Too many sites are making up their own story.

 

Last Update:

http://digg.com/newsbar/Technology/antisec_leaks_symantec_pcanywhere_source_code_after_50k_extortion_not_paid

 

You never know..

 

Proof of the code being leaked?