Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Symantec Confirms Leak of pcAnywhere Source Code

Symantec confirmed with SecurityWeek today, that following claims from Anonymous that additional Symantec product source code would be released, the claims are true, and the said files are in fact the legitimate source code from its pcAnywhere product.

Symantec confirmed with SecurityWeek today, that following claims from Anonymous that additional Symantec product source code would be released, the claims are true, and the said files are in fact the legitimate source code from its pcAnywhere product.

In an email to SecurityWeek, Chris Paden, Senior Manager, Corporate Communications at Symantec noted, “we can confirm that the source code is legitimate. It is part of the original cache of code for 2006 versions of the products that Anonymous has claimed to have been in possession during the last few weeks.”

Paden also said the company anticipates Anonymous to post the rest of the code they have claimed have in their possession. “So far, they have posted code for the 2006 version of Norton Internet Security and pcAnywhere. We also anticipate that at some point, they will post the code for Norton Antivirus Corporate Edition and Norton Systemworks. Both products no longer exist,” Paden noted.

Symantec also issued the following statement on the incident:

Symantec was prepared for the code to be posted at some point, and has developed and distributed a series of patches since Jan. 23rd to protect our users against attacks that might transpire as a result of the code being made public. We have been conducting direct outreach to our customers since Jan. 23rd to reiterate that, in addition to applying all relevant patches that have been released, we’ve also counseled customers to ensure that pcAnywhere version 12.5 is installed, and follow general security best practices.

If customers are unable to adhere to this guidance and have not installed the latest version with current patches, we recommend that they contact [email protected] for additional assistance.

On Monday, January 23, 2012, Symantec released a patch that eliminates known vulnerabilities affecting customers using pcAnywhere 12.5. On Friday, January 27, 2012, Symantec released a patch that eliminates known vulnerabilities affecting customers using pcAnywhere 12.0 and pcAnywhere 12.1.

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

Mobile & Wireless

Apple’s iOS 12.5.7 update patches CVE-2022-42856, an actively exploited vulnerability, in old iPhones and iPads.