VMware ESX source code 'leaked online'
VMware has warned its users after fragments of its ESX virtualisation software source code appeared online.
Documents appeared on image-sharing site Imgur and code sharing site Pastebin, often used by hackers to leak contents of network breaches.
Iain Mulholland, director of VMware's Security Response Center, said despite the code leak, it "does not necessarily mean that there is any increased risk to VMware customers," and takes the matter of security seriously. The company said it is engaging with "internal and external resources".
Kaspersky's Threatpost said that the hacker claims to have hacked China's National Electronics Import and Export Corp. (CEIEC) in March, which led to other information being leaked. Samples of VMware's code have already been released, with promises of more CEIEC data in May, after the hacker claimed he was investigating U.S. military activities.
CEIEC denied the claims calling them "totally groundless, highly subjective and defamatory."
The hack appears to be of a similar nature to how Symantec's legacy anti-virus source code was leaked after an Indian intelligence service network was hacked, though VMware did not respond to questions at the time of publication.
Over half of datacenters run virtualisation, making virtual infrastructures a prime target for attacks, one analyst said.
Related: