VMWare ESX source code leaked

Powered by SC Magazine
 

Company confirms leak affected 2004 product.

VMware has confirmed that source code for its ESX hypervisor has leaked online.

The code was obtained by hackers who allegedly broke into a Chinese defence contractor where they also stole internal emails and documents.

VMware, which shares source code with select industry partners, said it did not belive the 300Mb leak would place customers at risk because the code related to software released around 2004 that had since been updated.

"The fact that the source code may have been publicly shared does not necessarily mean that there is any increased risk to VMware customers," security response centre director Iain Mulholland said in a statement.

"VMware proactively shares its source code and interfaces with other industry participants to enable the broad virtualisation ecosystem today.

"We take customer security seriously and have engaged internal and external resources, including our VMware security response centre, to thoroughly investigate."

VMware could not rule out a breach of its own source code repository.

However the hacker, known as Hardcore Charlie, claimed to have obtained the code by hacking defence contractor China National Electronics Import-Export Corporation (CEIEC) earlier this month, an allegation the company tersely refuted.

"The information reported is totally groundless, highly subjective and defamatory," it said in statement.

Hardcore Charlie published a series of documents which he describes in a rambling pastebin entry to show alleged collusion between CITEC and Western military and terrorist organisations.

Similar documents stolen by comrade hacker YamaTough which sought to bring disrepute on the Indian Government were found to be falsified.

Hardcore Charlie promised to release more data breach data on May 5.

Copyright © SC Magazine, Australia


VMWare ESX source code leaked
 
 
 
Top Stories
Qld Transport to replace core registration system
State's biggest citizen info repository set for overhaul.
 
Innovating in the sleepy super industry
There’s little incentive to be on the bleeding edge, so why is Andrew Todd fighting so hard?
 
Defence spends $50m to upgrade RAAF's air traffic systems
First step in long-running modernisation.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  39%
 
Your insurance company
  3%
 
A technology company (Google, Facebook et al)
  7%
 
Your telco, ISP or utility
  7%
 
A retailer (Coles, Woolworths et al)
  2%
 
A Federal Government agency (ATO, Centrelink etc)
  21%
 
An Australian law enforcement agency (AFP, ASIO et al)
  15%
 
A State Government agency (Health dept, etc)
  5%
TOTAL VOTES: 900

Vote