More VMware ESX Source Code Posted Online

For the third time this year, VMware ESX source code has been posted online. A hacker known as Stun, claiming to be affiliated with Anonymous, tweeted a link to a torrent site hosting the stolen VMkernel source code. VMware director of platform security Iain Mulholland acknowledged the breach on Sunday and confirmed the source code, dating from 1998-2004, is related to code posted in April and May.

The source code download is almost 2MB in size and was posted early Sunday morning.

“VMware will try to make like this Kernel is old and isn’t used in its recent products. But thanks god, there is still such a thing as reverse engineering that will prove its true destiny,” wrote Stun, whose Twitter page said he is from the Netherlands. “Little sidenote about this release, it is the VMKernel from between 1998 and 2004, but as we all know, kernels don’t change that much in programs, they get extended or adapted but some core functionality still stays the same.”

Mulholland said VMware is investigating and urged customers to apply the latest ESX updates and security patches. “It is possible that more related files will be posted in the future,” Mulholland said.

That warning is similar to those Mulholland gave in April and May, when the first batches of ESX source code were leaked online.

In April, Threatpost reported that the original source of the April leak could be an attack on the China Electronics Import & Export Corporation (CEIEC). An attack on VMware’s source code repository was not ruled out.

Mulholland, in an interview, said the leaked documents in April included internal VMware communications pasted onto CEIEC letterhead and also included email messages discussing code reviews and contextual notes added to the source code repository for developers’ reference.

The ESX architecture is a bare-metal hypervisor that manages virtual machines partitioned on physical hosts. It has since been replaced by ESXi, in which VMware agents run on the VMkernel.
