A HACKER called Yama Tough has declared to the world on Twitter that he will release the full source code of Symantec's flagship Norton antivirus software.
The India-based hacker posted a short tweet simply saying that he will release the 1.7Gb (217MB) source code dump tomorrow. It appears that the source code was acquired in a hacking attack by The Lords of Dharmaraja that we covered earlier this month.
This comming tuesday behold the full Norton Antivirus 1,7Gb src, the rest will follow...— Yama Tough (@YamaTough) January 14, 2012
He previously tweeted links to a list of the source code files and the original post by The Lords of Dharmaraja, but those web pages have since been removed. The first post claimed that the source code had been obtained from Indian military intelligence servers.
His account says "Anonymous Avengers of Indian Independence Frontier, Mumbai" and he has links to the hacktivist group Anonymous.
We are still waiting for Symantec's response to this development. Earlier this month it confirmed that some source code was obtained but said that it was out of date.
Symantec has provided us with the following statement regarding the Norton source code.
"The code for Norton Utilities that was posted publicly is related to the 2006 version of Norton Utilities only. That version of the product is no longer sold or supported. The current version of Norton Utilities has been completely rebuilt and shares no common code with Norton Utilities 2006. The code that has been posted for the 2006 version poses no security threat to users of the current version of Norton Utilities."
"Furthermore, we have no indications that the code disclosure impacts the functionality or security of any of Symantec's other solutions. Lastly, there are no indications that customer information has been impacted or exposed at this time. As always, in general, Symantec recommends that users keep their solutions updated which will help ensure protection against any new possible threats." µ
It's time for our regular two-step through the Google news
Bug bounty offer: accepted