Symantec has issued a warning to its customers to disable pcAnywhere remote access software after verifying that the source code was indeed stolen in a 2006 breach. A group of hackers identifying itself as the "Lords of Dharmaraja" have claimed credit for this as well as for stealing the source code of two other Symantec security applications. According to various reports, the source code is currently being distributed to hackers hunting for zero-day vulnerabilities to exploit.

Speaking to Wired, Symantec spokesman Cris Paden admitted that the company had not previously known that the source code for pcAnywhere had been stolen. "We knew there was an incident in 2006...But it was inconclusive at the time as to whether or not actual code was taken or that someone had actual code in their hands." Recent reports led the company to examine six-year-old server logs and conclude that a source code theft had indeed occurred.

For now, Symantec has released a white paper (.pdf) outlining its recommendations and possible remediation steps that businesses can take. In it, Symantec conceded that pcAnywhere customers have "increased risk" due to an "increased ability to identify vulnerabilities and build new exploits." In the white paper, Symantec recommended that users disable pcAnywhere until the release of a final set of software updates that "resolve currently known vulnerability risks."

The radical suggestion by the security giant to disable pcAnywhere suggests that Symantec is aware of security vulnerabilities which the company has dithered in patching--a fact that does not bode well for its reputation. The greater damage however is probably in its active customer base, which likely chose pcAnywhere over other free or commercial remote access software for the perceived security offered by the Symantec-branded software.

So far, Symantec released a patch on Monday that eliminates three known vulnerability in pcAnywhere 12.5 on Windows, according to a report on TechNewsWorld. Customers are also advised to upgrade to pcAnywhere 12.5 and make use of endpoint protection.

For more:
- check out this article at CRN
- check out this article at TechNewsWorld
- check out this article at Wired

Related Articles:
Symantec source code stolen; company plays down theft
Symantec buys LiveOffice cloud storage vendor
March hack the result of RSA security lapse, says researcher