News

ESX Source Code Leaked, But Customers Not In Danger So Far, Says VMware

Leaked code may have originated with a partner in China who was targeted by hackers.

• By Michael Domingo
• 04/25/2012

VMware in a blog posted on its site confirmed that code for its ESX hypervisor technology was leaked online. Iain Mulholland, director of VMware's security response team, said through the short post that the company was recently made aware of the leaked code, and included some communication among developers that was written about nine years ago. He also said the team is investigating the extent of the leak and the consequential damage that may result from it. So far, he said that there have been no indications of ESX customers being affected or compromised by the leaked code.

VMware does share bits of code with partners, as indicated by Mulholland's note, but doesn't single out any of the leaky endpoints. But Paul Roberts, who's the editor of Kasperky Labs' Threatpost blog, offers an intriguing chronicle of events, with all indications pointing to the leaked code originating from the network of the China Electronics Import & Export Corporation. CEIEC was among dozens of firms targeted for attack by a hacker known as "Hardcore Charlie" who was able to infiltrate the company's servers after stealing credentials to many thousands of accounts on the Sina.com Web site. Whether that company is a VMware partner is unknown. In any event, Roberts writes that the hacker's haul includes terabytes of data, of which the VMware source code and e-mail exchanges comprised about 300MB's worth.

VMware is only a small piece of the story, and the bigger picture is that the hacks have major international security implications. Roberts said that he has exchanged e-mails with the U.S. Cyber Command, who would only go so far as to say that it's aware of the leaks.