October 22, 2016

VMWare ESX Source Code Stolen – Starts to Leak onto Internet

(LiveHacking.Com) – VMware has confirmed that the source code for its ESX hypervisor has been stolen and portions of it are starting to appear on the Internet. Iain Mulholland, the Director of the VMware Security Response Center, wrote that they are “aware of the public posting of a single file from the VMware ESX source code and the possibility that more files may be posted in the future. The posted code and associated commentary dates to the 2003 to 2004 timeframe.”

The hacker, named Hardcore Charlie, is claiming that the code was stolen from the military contractor China National Import & Export Corp (CEIEC), however they are reporting that such claims are “totally groundless, highly subjective and defamatory.”

“The fact that the source code may have been publicly shared does not necessarily mean that there is any increased risk to VMware customers,” added Iain Mulholland. In the same blog post VMware acknowldged that it shares its source code and interfaces with others companies. Which seems to lend credence to Hardcore Charlie’s claims about the CEIEC breach.

The header file (vmkemit.h) posted by the hacker carries a 1998 copyright date stamp and lists a set of code emission macros for base x86 architecture used by vmkernel.

Hardcore Charlie published the code in a rather incoherent posting to pastebin that also talks about alleged collusion between CITEC and Western military and terrorist organisations: “we want to make it clear that CEIEC is engaged in a criminal activity with Ukraine and Russian officials as of supplying Ukraine and Russia with US army information for the terrorists.” 

The hacker has also threatened to release the source code for EMC.