Terry Cutler the Ethical Hacker | Call me at 1-844-296-5649 x 24
Terry Cutler – The Ethical Hacker
Home » PcAnywhere hacked !

PcAnywhere hacked !

PcAnywhere hacked
courtesy of voiceofgreyhat.com

Symantec Corp is advising customers to stop using pcAnywhere software because it is at an increased risk for being
hacked. Last week, Symantec confirmed that hackers accessed their source code and as a caution are now advising users to disable their pcAnywhere product.  It is highly unusual for an Internet Security company to make such an advisory, but the company said it was necessary until they could patch up the holes.

The source code, for which Symantec had been denying now admits was breached in 2006, is a full disclosure;
Symantec confirmed that hackers stole the source code for the 2006 versions of Norton Antivirus Corporate Edition, Norton Internet Security, Norton System Works and pcAnywhere.


“Our own network was not breached, but rather that of a third party entity,” the company said in the statement on January 6, 2012. “We are still gathering information on the details and are not in a position to provide specifics on the third party
involved. Presently, we have no indication that the code disclosure impacts the functionality or security of Symantec’s solutions,” the statement went on.

Now, the company says that PCs are at increased risk of getting hacked after blueprints of that software were stolen.

Symantec said it was only asking customers to temporarily stop using the product, until it releases an update to
the software that will mitigate the risk of an attack.

“At this time, Symantec recommends disabling the product until we release a final set of software updates that resolve currently known vulnerability risks,” Symantec said in a statement. (http://www.symantec.com/theme.jsp?themeid=anonymous-code-claims)

The statement goes on to read, “For customers that require pcAnywhere for business critical purposes, it is recommended that customers understand the current risks, ensure pcAnywhere 12.5 is installed, apply all relevant patches as they are released, and follow general security best practices.”

In a PDF (http://www.symantec.com/connect/sites/default/files/pcAnywhere%20Security%20Recommendations%20WP_01_23_Final.pdf) Symantec said that “ Malicious users with access to the source code have an increased ability to identify vulnerabilities and build new exploits. Additionally, customers that are not following general security best practices are susceptible to man-in-the-middle attacks which can reveal authentication and session information. General security best practices include endpoint, network, remote access, and physical security, as well as configuring pcAnywhere in a
way that minimizes potential risks.

Then the company said pull the plug – for now.

It was back in early January 2012, a hacker naming himself YamaTough released the source code to its Norton
Utilities PC software and had threatened to publish its widely used anti-virus programs. An Indian hacking group calling itself Lords of Dharmaraja had claimed that it possessed the same source code for Symantec’s Norton AV products. Even Anonymous figured into the equation.

But Symantec countered and said the code was old and outdated.

As of writing this article, Symantec released a hotfix which can be downloaded from here http://clientui-kb.symantec.com/kb/index?page=content&pmv=print&impressions=&viewlocale=&id=TECH179526

Stay tuned!

Subscribe to our mailing list

* indicates required

Related posts

Is Anonymous the Robin Hood of modern day?

Terry Cutler

Anywhere use of the company Smartphone is great for hackers, not so great for the bottom line

Terry Cutler

What should every CEO know?

Terry Cutler

Enterprise Security Priorities for 2011

Terry Cutler

Unknown Missed Calls Good for Vanuatu, But Not You

Terry Cutler

Today’s Biggest Security Threats

Terry Cutler


Privacy & Cookies Policy