Hackers broke into Symantec Corp.’s European Web site on Aug. 2 and posted messages claiming they had infected the entire Symantec network with a worm dubbed “Bloworm”.

The claim stated the infection had been initiated by the hackers two months previously, according to Richard Saunders, corporate communications manager for Symantec in San Francisco.

The alleged Bloworm worm is not known to exist by Symantec, nor had it been posted to any other major antivirus software company’s on-line virus and hoax lists by press time.

“Whether this thing is real or not, they didn’t actually infect our Web site at all,” Saunders said. Without providing details as to the company’s security measures, he said Symantec is sure the hackers did not penetrate the firewall and that no virus or worm was placed on Symantec’s network.

Worms are a self-replicating form of virus that often do not require users to run an application. Worms and viruses can exist in dormant forms and self-execute on a specified date, but Saunders said Symantec is sure there is not even a dormant infection on its network.

“Our home page is outside the firewall and everything else is within the firewall…It makes it faster and easier for people to get to our home page,” Saunders explained. “If they tried to get past that, they didn’t succeed.”

He said the messages left by the hackers on the Web site at around 2 a.m. Pacific Time on Aug. 2 were removed within 35 to 40 minutes.

“This is less of a hacking attack and more of a graffiti attack. They put something on the front door, and when they tried to kick the door down, they couldn’t do it.”

Saunders said he is unaware of any response from customers, adding that Web site users may not have even noticed the difference because the entire site was not brought down during the cleaning. Servers were taken down one at a time, leaving the remaining servers to continue hosting the site.

“Any performance degradation would have been minimal because we have so many servers,” Saunders said.

Symantec’s site is at