Hacked Symantec Security Software Goes Rogue

Symantec security software was hacked back in 2006, and now the anti-virus software maker says it didn't even know the source code for pcAnywhere, a remote access program, was even gone.

Symantec knew there was a breach, but until a hacker calling himself Yama Tough posted online in January that he had the code, the company was unaware of the theft. After hackers posted their message, Symantec announced the security programs had been stolen and urged people using the pcAnywhere program to disable it until the company could figure out if it had been compromised, Wired.com reported on its Threat Level blog.

pcAnywhere is popular program allowing people to troubleshoot their systems and let remote users access data on their office machines. It's also used in retail stores and restaurants on computers used to process credit card information, the report said.

We knew there was an incident in 2006, Symantec spokesman Chris Paden told Wired.

But it was inconclusive at the time as to whether or not actual code was taken or that someone had actual code in their hands.

The people working at Symantec in 2006 don't work there anymore, Paden said.

We are having to rely on data and logs to piece together what happened and what was going on. So you can imagine it's difficult to reach back six years to figure out what happened.

On the microblogging Web site Twitter, a user called anonymouSabua, who's part of the hacker collective Anonymous, wrote Lords of Dharmaraja has sent #antisec Symantec source codes for 0day-plundering. All your NU+PCAnywhere base are belong to us. Release soon.

The so-called Lords of Dharmaraja had done this to Symantec before. They had claimed to have hacked Symantec code from an Indian military intelligence agency in the past, though it was found to be false.

Tell us in the comments if you've had to disable your Symantec security software because of the attack.