In what is a very rare move Symantec, issued a warning to all of it’s pcAnywhere customers to STOP using the product and disable it.
This announcement comes as the company’s most direct acknowledgement of theft of it’s 2006 source code that is now, putting it’s customers at risk of attack.
Symantec stated it is only asking customers to temporarily stop using the product, until it releases an update to the software that will mitigate the risk of an attack.
For those in “business critical purposes,” they advised that only use the most recent version of the product and “understand the current risks,” which include the possibility that hackers could steal data or credentials.
The threat includes users of both current and past versions as well as bundled packages with Altiris and the pcAnywhere Thin Host packaged with backup and security products.
Theft of it’s source, came to light when an Indian hacking group calling itself the Lords of Dharmaraja threatened to publish the code.
The gang’s apparent spokesperson, who goes by the name of “Yama Tough,” posted code from the 2006 version of Symantec’s Norton AntiVirus to PasteBin and subsequently wrote about the breach on Google+.
This will affect around 50,000 of it’s customers, Company spokesman Cris Paden stated.
Full text of the advisory can be found on Symantec’s website.
Source: Nakedsecurity, Reuters, Symantec