US probes Indian govt spy unit for alleged hacking!

[Tolaha]

I wish that this news is real! Kinda feel satisfied that folks up there are atleast doing something that they are paid for! Having said that, as mentioned in the article, I too feel these couldnt be your regular bunch of hackers... they seem to be working with certain political goals in mind!

 

[JAYRAM]

Topic linked to http://defenceforumindia.com/foreign-relations/29918-us-probes-indian-govt-spy-unit-alleged.html,

http://defenceforumindia.com/milita...backdoor-cellular-access-indian-military.html, and latest, http://defenceforumindia.com/strate...an-hackers-offer-help-man-suing-symantec.html



The Memo, leaked by Yama Tough, which he'd found on an Indian Ministry of External Affairs server


Photo Album - Imgur

 

[JAYRAM]

Lords of Dharmaraja


Lords of Dharmaraja, is the name of hacker group, allegedly operating in India.[1] This group came into limelight for threatening to release the source code of Symantec's product, Norton Antivirus, and also for allegations on Government of India 'arm-twisting' international mobile manufacturers to spy on USCC. Symantec has confirmed that, the Symantec Endpoint Protection 11.0 and Symantec Antivirus 10.2 version source code has been compromised and obtained by the group, while USA authorities are still investigating allegations suspecting India's hand in spying.[2][3]

This group is alleged, to have hacked and posted a threat by uploading the secret documents, memos, and source code of Symantec's product on Pastebin, a website renowned for 'source code' snippets upload by several users, for public viewing.[4] The group, it seems, to have uploaded some secret documents, allegedly revealing Indian government arm-twisting international mobile manufacturers like RIM, Apple, and Nokia to assist in spying United States-China Economic and Security Review Commission.[5] In addition to these, the group seems to have claimed in discovering 'source code' related to dozen software companies, which have signed agreements with Indian 'TANCS programme' and CBI.[6]

After the hacker's posted their threats, 'Christopher Soghojan', a security and privacy researcher in USA tweeted as: "Hackers leak indian Military Intel memo suggesting Apple has provided intercept backdoor to govs". He also provided the links to the gallery of images and documents. The documents appear to be related to 'Tactical Network for Cellular Surveillance'(TANCS), technical agreement with mobile manufacturers, and email communication stuff associated with members of USCC.[7]

Their claims

As reported in The Times of India, the group posted a statement saying, "As of now, we start sharing with all our brothers and followers information from the Indian Militaty Intelligence servers, so far, we have discovered within the Indian Spy Programme source codes of a dozen software companies which have signed agreements with Indian TANCS programme and CBI."[8]

In another article, the group also seemed to have said, "Now we release confidential documentation we encountered of Symantec corporation and it's Norton AntiVirus source code which we are going to publish later on, we are working out mirrors as of now since we experience extreme pressure and censorship from US and India government agencies."[9]
When The Times of India tried to reach, an alleged member of 'Lords of Dharamraja' with name 'YamaTough', but he did not reply. YamaTough also has a twitter account; wherein, he described himself as "anonymous avengers of Indian independence frontier."[10]

Allegations

Cyber Spying

As reported in The Times of India, based on uploaded secret memos dated 'October 6, 2011', international mobile manufacturers like RIM, Apple, and Nokia along with domestic Micromax have given 'backdoor access' for digital surveillance to Indian military intelligence officials in exchange for doing business in Indian market. As per the memo, a decision was also made to sign an agreement with mobile manufacturers in exchange for 'business presence' in Indian market since, military intelligence has no access to United States Chamber of Commerce's LAN due to VPN and communication gateways like POP servers etc.,. The memos further reveal that, this 'backdoor' was allegedly used by Indian intelligence to spy on United States-China Economic and Security Review Commission.[11]

As reported in Rediff.com article based on leaked documents, Indian Army's intelligence arm Military intelligence along with Central Bureau of Investigation were performing bilateral cellular and Internet surveillance operations right from April 2011. Later, in July 2011, during a meeting of the sub-committee of Military Intelligence, a detailed 'Cyber Defence Plan for 2011' was prepared and subsesquently Military intelligence-Central Bureau of Investigation 'joint operations' are bieng conducted daily.[12]

Another article on The Register based on uploaded documents says, 'CYCADA' data intercept team are in operation on the networks using backdoors provided by mobile manufacturers. It also says, the leaked memos elicit converstations between members of USCC on currency issues and discussions on the western firms actions in assisting Chinese aircraft industry to improve its 'avionics' and engine manufacturing too.[13]

As reported by the news agency, Reuters, United States-China Economic and Security Review Commission officials have asked the 'concerned authorities to investigate the matter' and didn't dispute the authenticity of intercepted mails pointing the 'backdoor channel' as evident in the leaked documents.[14] As also reported on Hindustan Times, a spokesman for USCC, 'Jonathan Weston', who said, "We are aware of these reports and have contacted relevant authorities to investigate the matter." Apparently, US authorities are investigating the allegations pointing Indian government's spy-unit hacking into emails of US official panel that, monitors economic and security relations between USA and China.[15]

Mobile manufacturer officials, more or less, refused to comment on the issue, when The Times of India contacted the relevant spokesmen or authorities. Senior director of Corporate Communications at Apple Inc., 'Alan Hely', refused to comment on the leaked documents, but denied any backdoor access been provided. RIM too, refused to comment on the leaked memos as rumors or speculations when the The Register contacted them. RIM in fact, countered them saying, "it does not do deals with specific countries and has no abillity to provide its customer's encryption keys."[16] A spokesman for Nokia, apparently trying to evade, by refusing to comment and instead said, "The company takes the privacy of customers and their data seriously and is committed to comply with all applicable data protection and privacy laws."[17]

Speaking to Rediff.com, Indian Army denied the reports of spying on United States-China Economic and Security Review Commission through mobile companies. However, military spokesman on phone to Rediff.com said that, the uploaded documents were in fact forged with malicious intent.[18]

Symantec's Anti-virus source code

The hacker's group threatened to publish the entire source code of Symantec's product, Norton Antivirus, allegedly stolen after they have discovered it, apparently while hacking the servers associated with India's Military Intelligence. To add weight to their threats, they posted some of the hacked source code to Pastebin.

A data security company, Imperva, commented on hacker's group claims and threats as that would potentially be an embarrassment on Symantec part. 'Rob Rachwald' from Imperva speculated that, hacker's group might have retrieved the files as because of the files residing on 'test server' or by posting to FTP, exposing them mistakenly or became public unintentionally through negligence. He also further said, government's do require source code of vendor products to prove that product is not Spyware. [19]

Symantec initially, though, tried to douse the fears saying that, the documentation and preview code is nothing special. 'Chris Paden' from Symantec further said, the published data and documents is no more than Symantec's API documentation which every software vendor including Symantec will share with any client, including governments. Later, Symantec has confirmed that, Symantec Endpoint Protection 11.0 and Symantec Antivirus 10.2 has been compromised to the hacker's group.[20][21]

http://en.wikipedia.org/wiki/Lords_of_Dharmaraja

 

[JAYRAM]

The Lords Of Dharmaraja - Symantec Source Code

BY: A GUEST | JAN 8TH, 2012 | SYNTAX: NONE | SIZE: 17.33 KB | HITS: 1,517 | EXPIRES: NEVER


The Lords Of Dharmaraja - Symantec Source Code - Pastebin.com

 

[JAYRAM]

My question again who are Lords of Dharmaraja?

http://defenceforumindia.com/military-strategy/30138-hackers-say-indian-intelligence-has-u-s.html

 

[Yusuf]

Makes me happy this news as we always here the Chinis doing all the cyber spying.
What i don't understand is that how RINOA, an Indian agreement helped hack into US and Chini network?

Anyways it's good if this news is true and authentic and not some publicity stunt by spreading false info. We need to hack into every possible Chini system and make ourselves informed about what they are thinking.

 

[Ray]

Pretty interesting that the US passwords are with India!

 

[Ray]

It is an interesting thing that India is hacking the US!

 

[JAYRAM]

Exclusive: Interview With Hacker YamaTough

Saturday, January 14, 2012

Update: "The Lords of Dharmaraja" claim to have released the source code for Symantec's Norton Utilities, as was threatened earlier in the day on Friday January 13, 2012.

The alleged data dump has not been officially confirmed, and company officials have not yet released a statement. Sources are working to confirm the validity of the claim.

On Saturday January 14, 2012, YamaTough posted a similar threat to release the source code for Symantec's antivirus product: "This coming Tuesday behold the full Norton Antivirus 1,7Gb src, the rest will follow," the hacktivist stated via Twitter.

More details will be provided as they become available.

* * *

YamaTough, the spokesperson for the hacktivist group "The Lords of Dharmaraja" who sent Infosec Island 68 sets of usernames and passwords for compromised US government networks, has provided our publication with a series of statements regarding the group's recent exploits.

As previously reported, the hacktivists are responsible for exposing parts of the source code for the 2006 version of Symantec's Norton antivirus product, as well as posting questionable documents online that showed that the United States-China Economic and Security Review Commission (USCC) was possibly breached.

The documents also contained possible evidence that several mobile device producers may have voluntarily provided product information to the Indian government for the development of backdoors that could be used for surveillance purposes in exchange for granting access to the Indian marketplace.

The hacktivist group maintains claims that the information was obtained from servers owned and operated by various ministries of the Indian government.

YamaTough indicated the group is in possession of data from several companies other than Symantec, and they have yet to decide whether or not they will make the information public, though they have stated that they may be inclined to do so.

Infosec Island has made all of the materials received and communications undertaken with YamaTough available to the proper authorities, and we are continuing to fully cooperate with law enforcement in their investigation.

The following is our best attempt to organize the statements YamaTough has provided in multiple communications with Infosec Island staff.

Some of the statements were made in direct response to the questions posed, while some were incidental to other conversations not formally organized as an interview, which Yamatough then referred Infosec Island to for clarification and inclusion in this exchange.

Our intention is to furnish as accurately as possible the full and unadulterated conversation while also attempting to provide some structure for the sake of clarity and flow.

The statements attributed to YamaTough are unedited, except for the appearance of the word "frak" because of our policy against graphic profanity, and the use of "[redacted]" where sensitive information is exposed.

Q: Can you confirm all the information you have provided was actually acquired from Indian government servers and not taken from US government servers by your team?

"no we did not frak with Us gov systems, we only do Indian since we are in opposition to indian gov not us - we even want a pro us gov in here instead of thees bastedz who r in charge in here now. I confirm we found all the stuff at indian gov machines."

Q: Which Indian government systems were hacked in order to acquire this information?

"MEA.GOV.IN and all the intel wings in consulates worldwide were breached"¦ the source of is mea.gov.in and their compromised vpn accounts by means of RAT through it we got inside the network to roll out...them crooks have source codes not only for Symantec products not limited to nav. There's much more for next releases including not only software but also stuff which was sniffed on by Military Intel just like we provided William Reinsch and Chuck Ditrich of us-lba.org etc etc."

"shall I provide some technical data as of which accounts were compromised at indian mea? Ok, Just so we wont compromise all of our botnet, I shall provide only one which was the keystone to the whole drama. RCI DRDO Hyderabad Satheesh Reddy got infected with our custom dezigne RAT tool, from there it spread like a worm infecting pretty much the whole Indian governemt network including mea.gov.in nic.in etc."

Q: How do you think the Indian government came into possession of the usernames and passwords for US government networks?

"By gaining access to the personal machines of these gov employees it was easy to obtain vpn accounts "l: to which most of them store as backup on their yahoo.com etc. accounts. So the deal is - a gov employee is using his gov email which forwards sensitive info to free based emails where this info stored. Just in case they forget something - lame? you bet that's the reality. The RAT tool which was utilized can't be detected even with Kaspersky Pro Active Def - so it gives us an oportunity to do pretty much everything - those indian gov ppl - are ordinary people - they are using their own laptops at work and at home - watching porn, downloading mp3, etc. thus getting infected with a RAT by means of 0day. Those are details you dont need to know - this is general overview."

"What is the most important that DRDO is the one who's in charge of the whole SURveillance network and our raw data (edited for you) states that they are also monitoring personal information of ordinary people so the ambition here is to create more powerfull stuff than [redacted] operates - India is a powerfull country and they got the potential by being a BRIC project."

"They target [redacted] and [redacted] system by gaining access to personal relationship of citizen with the government. we made a screenshot of a random account so you wont verify them yaself since it's illegal [redacted] [redacted] And one random pdf document from Military wing in Paris - to tell them that nomatter what they did we are still in - it's fresh 03th of this month."

"An example of the government "bot" also utilized in this hack - this one just to illustrate synchronization of Indian military gov emails with the free webbased accounts : [redacted] PASS: [redacted] [redacted] Screenshot of "bot's" yahoo account including the arrached passport which is indicated on the screenshot email message"

Q: How would you characterize the data you have in your possession?

"As of companies there's a dozen. As of Sym there's a lot of code but I want you to ask them to comment on that file list we provided on pastebin why wont they publicly say what that is? and if it is a match let them publicly admit that the whole code is in posession (I think they wont anyway) LEt them crossmatch the pack. Me and my fellas are stil negotiating whether to do an actual pub and when and do it only to SYm or to other companies also. We are hesitating because we see that everybody's stuck with Symantec but noone actually said anything about outsourcing and we see how governments covers up the USCC story, none of them crooks got to a point of admitting that there''s problem with Indian spying on federal government of USA."

"on MOD machines stored source codes for ALL SYM shit, ALL APPLE shit includin IOS source, to name a few also many many transmission logs apparently gotten to them over the backdoors in mobile phones. We just grabbed what we saw and post it, there's gigs of stuff in dere including transmissions with Chinese NORINCO executived about purchasing technology from Raytheon etc etc etc"

Q: What was the level of security practiced by the Indian Government? Did you use exploits against the servers? Did you break in using APT style attacks via social networking or email? Was it easy or could anyone have done it?

"trojan horse developed by my team being undetected by any of the avp sftwr and 0day exploit to infect the whole gov like a worm, check it out I gave you samples of the infected government officials and commmanders...."

Q: What have been the repercussions from the Indian Government? Have they tightened up security?

"all they did changed passwords for vpn account - our trojans are still keyloging the new ones. The way they operate is so dumb - what they did they've taken the leaked documents - took the griefs - located where it did come from - called that office or embassy or whatever and they changed passwords - lame. They seem like smart ones only on paper and the way they pretend to look like badass institutions and system like US wanabees. Theres nothing really extraordinary or awesome in their networks. Some of them are old as crap"

"As soon as we r over with the blockade we experience from Indian and US LE and Intel, since the issue not really in Symantec but In fact that India is spying on USCHINA ECON SEC commission (example William Reinsch Larry Wartzel, Dan Slane, Michael Dannis etc emails) we think since they are former [redacted] US and India block our mirrors and we have many of our brothers now under search and ceizure warrants pending Symantec is not a big deal they just happened to sign an agreement with Indian MI thats all the deal is what kind of stuff we;ve owneed by owneeing MEA servers...we expect to publish by 10th -16th this month."

Q: Did you find data carefully archived or was it residing on end users' computers?

"some data is cryptoarchived - software used is designed by personell programmers - they do no imply public soft like truecrypt bestcrypt diskcrypt and such. what's astounding is that the programme is so diverse and dispersed all over the world that there's no such thing as centralized governance of the system - spread and therefore weak - humans/employees make mistakes and some do not use crypto at all even have weak passwords to their email accounts located in gov domain - they think that if they use gov vpn to download email password doesnt matter at all. they way they store info on public free webmails as backup."

Q: Can you tell how and to whom intelligence is distributed? What is the structure of Indian cyber espionage operations? Do they have a dedicated team of cyber spies? Do they contract the work out to hackers?

"Both are same questions so later"

Q: Is the material you see focused on gathering Intel about China?

"Worldwide - different departments do have sublayers one of them was china - result uscc case - by the way you only seen uscc emails which were in the document ? did you get the whole archive of uscc emails with attachment? "Looks like it is going public so we have to start working on a more complex article until the uscc commissioners made the news and shit about PRC - people republic of china intercepeted communications,,, since its time for presidential elections in us things can get nasty coz of this"¦"

Q: Can you detect any signs that India is working with Russia to engage in cyber espionage against the US?

"BRIC has develloped as a counter us intelligence unit widespread .... an example I show you some of the data which we have published on our google+ account prior to the Symantec release - in addition I ad an update on this operation - India has hundreds of separated data intercept programs Rinoa is just a mobile device stuff, there are others which are targeted at gathering information on everysingle person in countries like USA and UK as sample I provide some of the stuff they got... unfortunatelly i can not give you raw data since it will compromise our operation and it is too large and gibberish."

Q: What are your motivations for releasing this information?

"Our goal is [Sunil] Bharti Mittal go off politacl arena and stop manipulating our government," India bought the right to spy on people worldwide by getting src from all major sft mnfctrs wegot many things to say so ..."

"yes you are welcom and tell the everyone that my team is pro US we fight for rights in our contry we are not intentionaly harm US companies (sometimes we do hack into since our botnet is worldwide) but we do not steal credit cards and make money of it and we do not do banks etc. Our mission - exposure of the corruption. We wanna appologize for harm taken by the Symantec USCC and others,,, but without them being involved things which do occure in our state would never be covered and taken to the public, sometimes you have to sacrifice in order to achieve...and we do not approve sharing personal data and source codes with foreign governments. We want free and nice India and not police state, so ask ?, let feds ask also, and we have questions to symantec (for now) later we shall ask other companies involved which we have come to posesses data of."

YamaTough also posted the following statements, among others, in comment threads on related articles at Infosec Island:

In regards to the breach of US government systems:

1-11-2012: "Who wants symantec story as of now ? Who cares about symantec as of now? You guys should care not about one corp entity but the whole homeland security and why foreign entity should know how much tax you pay and what clarity are your contact lenses"

In regards to authenticity of previously leaked documents:

1-12-2012: "it would be stupid thinking that involved party admits to authenticity of the documents - they had hard time admitting to Paris leak, now they state that office Singh doesnt exist =) They will deny it anyway. Let's make USA decide what's authentic and what is not. We have still 1000 "leak" missles to launch at Indian government to prove otherwise. No matter how they deny it - there are independent parties who will get to a point where lying turns into "harakiri""

During the course of drafting this article, YamaTough threatened the imminent of source code for Symantec's Norton Utilities product in an Infosec Island article comment thread:

1-13-2012: "Today we release Norton Utilities to accompany Symantec lawsuit. Goodluck Mr.Gross with ya crusade =) Stay tuned for a link. Link will get published on our twitter, not here - of all respect to infosec staff."

YamaTough also posted a statement on Twitter:

"@YamaTough Stay tuned it's almost uploaded. It's Friday the 13th for Symantec, we wonder what's comming for the next Halloween =[] "
The reference to "Mr. Gross" is related to a class action lawsuit filed in the United States District Court, Northern District of California, San Jose Division - the jurisdiction where Symantec is headquartered.

The suit, filed by Washington state resident James Gross on January 10, 2012, alleges Symantec has employed the use of "scareware" - free computer diagnostic scanning services - to induce consumers to purchase the company's products by reporting the presence of malware or other infections on the users' computer.

A copy of the filing can be found here:

Gross v. Symantec Corporation Document 1 - :: Justia Docs

Infosec Island will follow up on these events as information becomes available. Stay tuned"¦


Exclusive: Interview With Hacker YamaTough

 

[JAYRAM]

US CHINA ECON SEC CMSSN HACKED - US CHINA ECON SEC CMSSN HACKED - Pastebin.com


YamaTough Twitter Account - Twitter

 

[Virendra]

Interesting. Has anyone seen the data he claims to show?
Why is it not stirring a hornet's nest in Indian media? Owned.

 

[p2prada]

It is an interesting thing that India is hacking the US!

Anybody connected to the internet can be hacked by anybody. A 12 year old is enough for it.

The trick is not getting caught after. CBI won't chase after a bunch of 12 year olds who do DDOS attacks on DFI but they will chase if Ratan Tata complains. They simply don't have the time to chase after rabbits when there are carnivores on the prowl.

Also there is no such thing as fool proof security when you are connected to the internet. Three teenagers hacked into BARC's LAN(which is a big deal) and the data came into the hands of the Americans(by hook or crook). One of the primary reasons why Cloud Computing does not have as many takers as needed.

Lords of Dharmaraj are amateur hackers. If they fool around too much, they will get caught. As long as they don't attract CBI's attention, it will be fine.

 

[Tshering22]

It is fascinating how these guys actually targeted US info. I'd have been more pleased had this been a cyber attack against CCP's government agencies.

 

[JAYRAM]

Fake memo but real code? India-U.S. hacking mystery deepens

By Frank Jack Daniel
NEW DELHI | Wed Jan 11, 2012 1:49pm EST

(Reuters) - A memo that triggered a U.S. investigation into a possible cyber-attack by Indian military intelligence is probably a fake, but it is clear from leaked documents that serious security breaches did take place.

A little-known hacker group, 'Lords of Dharmaraja', began posting the documents last year, but only drew widespread attention after the anti-virus software firm Symantec confirmed on Saturday that a segment of its source code had been accessed by the group.

Reuters has obtained a large digital cache appearing to contain emails that were posted by the group but were quickly blocked by file-sharing sites.

Dated between April and October last year, many of the emails were addressed to Bill Reinsch, a member of an official U.S. commission monitoring economic and security ties between the United States and China, including cyber-security issues.

Military and cyber-security experts in India say the hackers may have created the purported military intelligence memo simply to draw attention to their work, or to taint relations between close allies India and the United States.

"There is some malicious intent, but to try and work out who has done it, given the current nature of the Internet, is an exercise in futility," said Cherian Samuel, a specialist on cyber-security and Indo-U.S. relations at India's Defense Ministry-funded Institute for Defense Studies and Analyses.

Speculation has focused on India's neighbors, arch-rival Pakistan and China, both of which are active in cyber-operations.

"It's also possible that Pakistan's hackers have done it, or China's hackers," said Mukesh Saini, an expert on cyber-security who served on the secretariat of India's national security council, an intelligence agency, until 2006.

But if that were the case, he said, the attackers could be acting without state sponsorship.

"Pro-Indian and pro-Pakistan individuals and small hacker groups have been attacking each other's government and non-government websites, with or without the consent of their government, for a very long time," he said.

INCONSISTENCIES

Two Washington sources close to the U.S. China Commission said that while they were positive the commission was a target for Chinese intelligence, they found it hard to believe its activities were of any interest to Indian intelligence.

They said it was possible that Chinese operatives forged the document to embarrass both the commission and the Indians.

Other Washington officials, however, said it was equally possible, if not more plausible, that the alleged Indian intelligence document was genuine and that the Indians were spying on the commission out of their own interest in learning about Washington's attitudes to China.

Genuine or not, the sophisticated language the document was written in suggests it was created by someone with a clear grasp of India's bureaucratic style.

Technology blog Infosec Island said on Wednesday it had seen more data obtained by the Lords of Dharmaraja, including dozens of usernames and passwords for compromised U.S. government network accounts.

Infosec Island blogger Anthony Freed said the hacker group claimed to have taken the data from servers belonging to India's Ministry of External Affairs and the Indian government's IT organization, among others.

Officials in India declined to comment on the document's content or authenticity.

The alleged memo (bit.ly/zYze7w), which had a number of inconsistencies, including the letterhead of a military intelligence unit not involved in surveillance, claimed India had been spying on the USCC using know-how provided by Western mobile phone manufacturers.

While the memo looks dubious, the U.S.-China Economic and Security Review Commission has not denied the veracity of the email cache, and U.S. authorities are investigating the matter.

The emails include conversations between U.S. embassy officials in Tripoli, DHL and General Electric about delivering medical equipment to Libya, as well as concerns that GE was helping China improve its jet engine industry.

"ANONYMOUS"

It is unclear whether Lords of Dharmaraja got the emails from Indian military intelligence servers, as they claim, but they first mentioned the documents in November, at the same time as they announced they hacked India's embassy server in Paris.

That breach was confirmed at the time by India's foreign ministry, and some experts believe the cache of U.S. emails was taken from the same source, raising the question of how they ended up there in the first place.

"An individual could have hacked someone's personal computer and handed it over to the embassy. There are so many means and measures," said Saini, who himself was charged with leaking secrets to Washington in 2006. He proclaims his innocence.

"There may be cooperation between India and the United States, the United States may have shared them, or India could have done the hack ... or a third country may have handed it to India," said Saini.

It is also unclear how Symantec's source code ended up with the Lords of Dharmaraja, whose public face goes by the name Yamatough on a Twitter feed.

Yamatough, whose profile picture shows a Tibetan painting of Dharmaraja, the Hindu god of death and justice, follows many members of the "Anonymous" hacking collective, and Symantec attributes the hack to that group.

"We are still investigating exactly where or how Anonymous accessed the code, but to date we have found no evidence that we shared any information with the Indian government," Symantec said in a statement.

"If the Indian government was indeed in possession of the code - as Anonymous claims and which has not yet been verified - we have no indication that it came from Symantec or as a result of our software assurance processes."

Fake memo but real code? India-U.S. hacking mystery deepens | Reuters