04-Jan-2012: Hackers claim to have stolen the source code of Symantec's Norton Antivirus. The hacker's post has been removed from pastebin, but here is the google cache. This group claimed that got this information from a hack of India's military computer network.
05-Jan-2012: Out of all the places, Symantec decided to announce it on Facebook. Duh?
Here is another article with some more details.
On Wednesday, the group posted a Symantec description of how Norton Antivirus worked. Symantec said the 2,700-word document was a general description of the software from 12 years ago and didn't threaten security.
A day later, the group posted software code, which Symantec confirmed was for two enterprise security products from 2007 and 2008. One product is discontinued and the other has been extensively updated, Paden said, rendering the old code useless.
So, how did this Symantec document (even if it was old) get on the Military's computers? This is where the conspiracy starts. As per the leaked military documents:
"in exchange for the Indian market presence" mobile device manufacturers, including RIM, Nokia, and Apple (collectively defined in the document as "RINOA") have agreed to provide backdoor access on their devices. The Indian government then "utilized backdoors provided by RINOA" to intercept internal emails of the U.S.-China Economic and Security Review Commission, a U.S. government body with a mandate to monitor, investigate and report to Congress on 'the national security implications of the bilateral trade and economic relationship' between the U.S. and China.
09-Jan-2012: Apple and RIM both have given public statements denying backdoor access was provided.
18-Jan-2012: Symantec finally admits they were hacked. Source code for Norton Antivirus Corporate Edition, Norton Internet Security, Norton Utilities, Norton GoBack and pcAnywhere stolen!
26-Jan-2012: Symantec recommends users to stop using pcAnywhere!
31-Jan-2012: Symantec gives a go-ahead, and says the users can continue to use pcAnywhere. {Wonder if the problem has really been fixed, or is it only because it was too bad for the business to not say this}
07-Feb-2012: Anonymous unsuccessfully try to extort $50,000 from Symantec, after which they released the hacked source-code on the internet. Email exchanges between the hacker and a Symantec employee is here.
8-Feb-2012: Symantec expects more source code to be leaked!
09-Mar-2012: Anonymous leaks more data, and also defaces " New York Ironworks" (a supplier of police equipment), in retaliation to the arrests made by the police
No comments:
Post a Comment