Hacker group Anonymous claimed late Monday that the source code of Symantec’s pcAnywhere had been uploaded on The Pirate Bay site.

Symantec could not immediately comment on whether the hackers had indeed released the source code of its product. “It happened so recently that we’re still in the process of analyzing and won’t be able to confirm until the morning,” a spokesman said via email.

Earlier on Monday, an email string posted on Pastebin referred to negotiations over payment for the source code between one Sam Thomas, purported to be a Symantec employee, but using a Gmail mail id, and a person named Yamatough. The name of the hacker is similar to the Twitter handle of YamaTough in Mumbai who is associated with the hacker group, Lords of Dharmaraja, that had earlier claimed it had access to the source code of some Symantec products.
Read more »

Half of all Fortune 500 companies and major U.S. government agencies own computers infected with the “DNS Changer” malware that redirects users to fake websites and puts organizations at risk of information theft, a security company said today.

DNS Changer, which at its peak was installed on more than four million Windows PCs and Macs worldwide — a quarter of them in the U.S. alone — was the target of a major takedown organized by the U.S. Department of Justice last November.
Read more »

The largest-ever Android malware campaign may have duped as many as 5 million users into downloading infected apps from Google’s Android Market, Symantec said today.

Dubbed “Android.Counterclank” by Symantec, the malware was packaged in 13 different apps from three different publishers, with titles ranging from “Sexy Girls Puzzle” to “Counter Strike Ground Force.” Many of the infected apps were still available on the Android Market as of 3 p.m. ET Friday.

“They don’t appear to be real publishers,” Kevin Haley, a director with Symantec’s security response team, said in an interview today. “These aren’t rebundled apps, as we’ve seen so many times before.”
Read more »

A hacker who claims to act in defense of Israel has released 100,000 credentials of allegedly Arab users of Facebook in an ongoing row between Israeli and Arab hackers.

The hacker, who goes by the name Hannibal, posted the credentials in four parts on Pastebin on Saturday as well as making the details available on 14 file-sharing sites.

In a note introducing the data, the hacker claimed to have 30 million email account details, 10 million bank accounts and four million credit card accounts belonging to “Arabs from all over the world.”
Read more »

Researchers at Symantec yesterday confirmed that working attack code published Jan. 6 can cripple Web servers running Microsoft’s ASP .Net.

The proof-of-concept exploit was published last Friday on GitHub, a site that hosts software projects, and has been used in the past by hackers to distribute their work.

Other security experts were not surprised that attack code appeared within days of Microsoft rushing out a patch for a denial-of-service vulnerability in its software.

“No, not surprising at all,” Andrew Storms, director of security operations at nCircle Security, said in an interview Tuesday. “There was enough interest [in the researchers' original presentation] that we should have expected exploit code soon.”
Read more »

Symantec is downplaying reports that hackers accessed the source code to its Endpoint Protection 11.0 and Antivirus 10.2 applications.



According to the security company, the breach did not involve its consumer products which are actually “Norton” branded. 


As Mike Lennon of Security Week points out, Symantec updates its products on a “.1 basis“, and its Endpoint Protection product is now at version 12.0 and 12.1.

Meaning, the affected Endpoint software was coded and distributed quite some time ago. Plus, Symantec Antivirus 10.2 has long been discontinued, although the company continues to service the phased out iteration.
Read more »

Security researchers at Symantec today confirmed that exploits of an unpatched Adobe Reader vulnerability targeted defense contractors, among other businesses.

“We’ve seen [this targeting] people at telecommunications, manufacturing, computer hardware and chemical companies, as well as those in the defense sector,” said Joshua Talbot, senior security manager in Symantec’s security response group, in an interview Wednesday.

Symantec mined its global network of honeypots and security detectors — and located email messages with attached malicious PDF documents — to come to that conclusion.
Read more »