Anonymous Hacker Claims Credit For VMware ESX Code Leak

[InfoSec News <alerts () infosecnews org>]

http://www.crn.com/news/security/232900903/anonymous-hacker-claims-credit-for-vmware-esx-code-leak.htm

By Kevin McLaughlin
CRN
April 24, 2012

VMware's ESX hypervisor source code leak may stem from an attack on a 
Chinese import-export firm last month in which an anonymous hacker 
claims to have made off with more than one terabyte of confidential 
documents.

On Tuesday, Kaspersky Lab's Threatpost blog reported the details of its 
recent IRC conversation with "Hardcore Charlie," the anonymous hacker 
who posted the purported VMware ESX source code online on April 8.

Hardcore Charlie claims to have obtained the VMware ESX source code 
after breaching the corporate network of the China National Electronics 
Import-Export Corporation (CEIEC), a Beijing-based firm. He also broke 
into and stole documents from the networks of China North Industries 
Corporation (Norinco) WanBao Mining Ltd, Ivanho and PetroVietnam, 
according to the Threatpost report.

VMware could not be reached for comment.

In a security bulletin issued earlier on Tuesday, VMware warned that a 
single file from its ESX server hypervisor source code had been posted 
online and said it is possible that more proprietary files could be 
leaked.

[...]


_______________________________________________
LayerOne Security Conference
May 26-27, Clarion Hotel, Anaheim, CA
http://www.layerone.org