Story updated; please see below.
A group of Indian hackers say they have obtained the source code for Norton AntiVirus software, as well as "confidential documentation," that they will share on websites for all to see.
The group, which calls themselves "The Lords of Dharmaraja," said it plans to publish the information on several different websites, "since we experience extreme pressure and censorship from US and India government agencies." It shared some of the information — some of which appears several years old — and a statement on the PasteBin file-sharing site. The original post was deleted, but a version is available to be seen via Google's cache of it.
If the hackers really do have Symantec’s source code — which at the moment remains only a claim — and release it to the world, the impact could be devastating to both the firm and to millions of users. Virus writers armed with source code would have a much easier time writing malicious programs that would evade Norton’s protection.
Symantec, which owns Norton, said in a statement to msnbc.com that it is "investigating claims of our source code being disclosed externally."
"The first claim pertained to Norton Antivirus code; however, our investigation confirmed it was a document from 12 years ago saying how the solution worked," Symantec said in the statement. "No source code was disclosed. As for the second claim of additional code, we are still analyzing the information."
The company's "first priority is to make sure that any customer information remains protected," and so far, Symantec said, "we have not detected any inordinate or suspicious rates of traffic or activity going in or out of our networks."
Updated, 9 p.m. PT: Symantec says that "a segment" of the source code used in two of its "older enterprise products has been accessed, one of which has been discontinued. The code involved is four and five years old. This does not affect Symantec’s Norton products for our consumer customers."
The company says its network "was not breached, but rather that of a third party entity. We are still gathering information on the details and are not in a position to provide specifics on the third party involved. Presently, we have no indication that the code disclosure impacts the functionality or security of Symantec’s solutions. Furthermore, there are no indications that customer information has been impacted or exposed at this time."
Msnbc.com's Bob Sullivan contributed to this report.
- Piracy 'church' gets approval from Swedish government
- Anonymous exposes German neo-Nazis
- Hackers disclose Israelis' credit card information