Headquarters ofSymantec located in Cupertino, CA
A group named “The Lords of Dharmaraja” claims to have stolen Symantec(Makers of Norton Antivirus and other computer security products) source code and documentation from the servers of Indian Intelligence Agencies, along with intellectual property from other software companies that have contracts with Indian government.
A user named YAMATEAM have posted a document dating back to 1999 in Pastebin, which have been deleted eventually. But a google cache version of it is still available for access and you can check it out using the links below.
The document reads,
“As of now we start sharing with all our brothers and followers information from the Indian Military Intelligence servers,” the group said in a Pastebin post on Wednesday. So far we have discovered within the Indian Spy Programme source codes of a dozen software companies which have signed agreements with Indian TANCS programme and CBI.”
Symantec has officially confirmed to the fact that its data has been accessed in one its 3rd party servers in its Facebook page which reads,
” Symantec can confirm that a segment of its source code used in two of our older enterprise products has been accessed, one of which has been discontinued.
The code involved is four and five years old. This does not affect Symantec’s Norton products for our consumer customers. Symantec’s own network was not breached, but rather that of a third party entity. We are still gathering information on the details and are not in a position to provide specifics on the third party involved. Presently, we have no indication that the code disclosure impacts the functionality or security of Symantec’s solutions. Furthermore, there are no indications that customer information has been impacted or exposed at this time. However, Symantec is working to develop remediation process to ensure long-term protection for our customers’ information. We will communicate that process once the steps have been finalized. Given the early stages of the investigation, we have no further details to disclose at this time but will provide updates as we confirm additional facts “
There has been no report of any previous incident involving this hacker group but it claims to have hacked indian embassy servers in paris before, the impact of this leak is yet to be assessed as there is no clear information available on the amount of valuable data possessed by this group.
From their language it seems they are not from any Indian hacking group, as none would keep a very obvious name like “The Lords of Dharmaraja” the name which is synonymous with hindu religion of India and parts of Asia like Japan,Thailand etc which might imply like they want to pose as an Indian hacking group. So it might well have been a handy work of any Pakistani or Chinese hacking group which are known to run passive cyber wars with India.
Check the links below for the google cache of the leaked document on Pastebin and official Symantec statement on its Facebook page.