Anti-virus is a big market, particularly on Windows operating systems, and companies will do anything to keep their code secure.
Each company claims their anti-virus product is better than their competitors, and nobody wants to even consider the possibility of their code being publicized. Symantec have landed in some hot water as a direct result of this, with their Norton AntiVirus source code having been accessed.
As Neowin reports citing a post on ZDNet, the source code for Norton 2006 was leaked by Anonymous, who are quickly gaining media attention for their actions. Symantec previously acknowledged that Anonymous had some of the source code, but not the entirety of it. In their own words they described it as being only a ‘segment’ of the code. ‘Stun’, a member of the hacking fraternity, announced their latest acquisition over Twitter, linking to a file on The Pirate Bay.
The file weighs in at 1.07GB, including source code for the consumer and corporate versions, as well as files relating to the different operating systems it was made available for. It was suggested that the code was accessed from a server related to the Indian intelligence service, but this seems questionable. Symantec themselves have not commented on the identity of the third party that allowed the code to leak.
According to belief, the Indians wanted to inspect the code to ensure it was secure before making use of the product. Symantec allowed them to examine the code, and after determining it was secure, it was left on a network with poor security. It may very well be the same network that the Anonymous hackers used to gain access to the code. Claims from Symantec say that the 2006 code is of no danger to users of newer versions of the software. Code has reportedly been completely changed since then, and shares no resemblance to the 2006 era version of the popular anti-virus tool, so those running Norton should be able to continue to do so without any real issues being raised.
Finally, the torrent file comes with an additional file. It is a note listing the names of Anonymous members who they want to see released. The list contains one notable exception: Hector Xavier Monsegur, better known as ‘AnonymousAbu’ or ‘Sabu’. Sabu was known to have led the hacking group LulzSec during the past year, but controversy mounted when it was found Sabu had been compromised and may have been reporting on the actions of his friends to the FBI.