Its stolen source code could intercept business information
Symantec has asked users to disable the pcAnywhere software after certain vulnerabilities were exposed, which follows earlier reports of source code being stolen by ‘Lords of Dharmaraja,’ suspected to be an Indian-based hacker group
The company suggested that corporate customers should apply relevant patches and use the most current version of the software.
The pcAnywhere is at a strong risk of ‘Man in the Middle’ attack – that intercepts data between two or more authorised points of information flow.
An assailant could easily enter a company’s network and intercept any crucial information.
A note on Symantec’s website explains as to how risks can be minimised for those who use pcAnywhere component. It also sincerely advising users to ‘disable’ it until Symantec releases a patch that will do away with the risk.
After the ‘Lords of Dharmaraj’ sent out pieces of pcAnywhere source code on January 16, "all pcAnywhere 12.0, 12.1, and 12.5 customers" were at a higher risk, said a statement released by Symantec.
The concerned piece of code is around six years old and the current ‘out-of-the-box’ security settings are enough to deal with any security threats, as users who get access to the code are well positioned to ‘build new exploits’.
The stolen material had included blueprints for Norton Antivirus Corporate Edition, Norton Internet Security, Norton GoBack and pcAnywhere – which are the most vulnerable, according to the BBC.