2012年4月26日木曜日

VMware confirms source code leak, LulzSec-affiliated hacker claims credit

VMware has confirmed a leak of source code from the ESX hypervisor. The code was posted on Pastebin on April 8 by a hacker calling himself "Hardcore Charlie."

VMware confirmed the theft yesterday, and said there is a "possibility that more files may be posted in the future." The good news is that the code dates from 2003 to 2004. While VMware ESX is still heavily used, VMware is shifting customers to a newer hypervisor called ESXi, which has a smaller attack surface and is designed to be more secure.

"The fact that the source code may have been publicly shared does not necessarily mean that there is any increased risk to VMware customers," the company said. "VMware proactively shares its source code and interfaces with other industry participants to enable the broad virtualization ecosystem today. We take customer security seriously and have engaged internal and external resources, including our VMware Security Response Center, to thoroughly investigate. We will continue to provide updates to the VMware community if and when additional information is available."

The Kaspersky Lab ThreatPost blog somewhat over-dramatically called the incident the "IT equivalent of the Deepwater Horizon oil spill disaster."

This VMware source code reportedly was stolen from Chinese military contractor CEIEC, the China National Electronics Import-Export Corporation. VMware code wasn't the only target. Although the VMware connection wasn't verified until yesterday, the hacker Hardcore Charlie told Reuters earlier this month that he hacked into CEIEC seeking information on the US military campaign in Afghanistan, and also that he was a friend of Hector Monsegur, the LulzSec leader who was caught by the FBI and pleaded guilty to criminal hacking charges.

0 件のコメント:

コメントを投稿