Symantec reassures users as hacker publishes product code


Symantec reassures users as hacker publishes product code

Simon Quicke
pcanywhere.jpgSymantec users will be braced to see if the vendor has done enough to develop patches that will protect its pcAnywhere product from attacks now its code has been released into the wild.

The code was published yesterday by hacker YamaTough, who has claimed to be part of the Anonymous Group, and had threatened to release the blueprint for the product in an extortion attempt for $50,000 which became public yesterday.

The pcAnywhere product allows remote access to computers raising fears that hackers could exploit the code release to gain control of desktops.

The vendor had been working with law enforcement agencies to try and head off the hacker trying to ensure that the code had been destroyed but the latest escalation in the confrontation is causing the vendor to work quickly to fend off possible vulnerabilities in its product that others may now exploit.

The security vendor has developed and issued a series of patches to counter any vulnerabilities and has been contacting customers to keep them informed of what is happening.

"Symantec can confirm that the source code for pcAnywhere has been posted publicly. It is part of the original cache of code for 2006 versions of the products that Anonymous has claimed to possess throughout the past few weeks. Symantec was prepared for the code to be posted at some point and has developed and distributed a series of patches since Jan. 23rd to protect pcAnywhere users against known vulnerabilities," the vendor stated.

"We continue to urge pcAnywhere customers to ensure that pcAnywhere version 12.5 is installed, apply all relevant patches that have been released and follow general security best practices," it added.

The vendor also expects more product codes to be published, something that the hackers had been threatening over the past few weeks.

"So far, they have posted code for the 2006 versions of Norton Utilities and pcAnywhere. We also anticipate that at some point, they will post the code for the 2006 versions of Norton Antivirus Corporate Edition and Norton Internet Security.," the vendor stated.

"As we have already stated publicly, this is old code and Symantec and Norton customers will not be at an increased risk as a result of any further disclosure related to these 2006 products," it added.

Join the conversation Comment



    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.