Indian Hackers access an old version of Symantec Endpoint Protection code

There is news and rumors that the code of an old version of Symantec’s endpoint protection product is available with a hacker called YamaTough from an Indian group called “"The Lords of Dharmaraja”. In Hindu and Buddhist beliefs Yama Dharmaraja is the Lord of Justice and is sometimes referred to as Dharmaraja in reference to his unswerving dedication to maintaining order and adherence to harmony. Yama is also referred to as the Lord of Death. The rationale behind this hack is yet unknown.

If news reports are to be believed the code in question is Symantec Endpoint Protection 11.0 and Symantec Antivirus 10.2, approximately four years old. The current Endpoint Protection product is now at version 12.0 and 12.1. Symantec Antivirus 10.2 has been discontinued, though the company continues to service it. According to news reports the code was lifted from an Indian military agency.

Symantec Confirms Hackers Accessed Source Code of Two Enterprise Security Products

This article brings a few thoughts to mind. The first is obviously the safety of escrow code given by many firms to government agencies across the world. The second is how much of the code is reused in newer products and our knowledge of the full extent of the breach. The third is whether there was code from other yet unnamed products, lifted too.

At the moment, there is a lot of speculation. Let us wait for a full disclosure or rebut from Symantec before coming to conclusions.