Virtualisation vendor VMware has confirmed that the source code of its core hypervisor software has been leaked online.
The code was posted to text-sharing site Pastebin in early April, by a hacker going by the tag ‘Hardcore Charlie’. It was apparently stolen from the China Electronics Import & Export Corporation (CEIEC) in March. CEIEC denied the allegation at the time, calling the reports "totally groundless, highly subjective and defamatory".
In a blog post, the director of VMware’s Security Response Center, Iain Mulholland, acknowledged the exposure of VMware’s source code, but said the fact that the code had been shared publicly did not mean there was any risk to VMware customers.
"Our security team became aware of the public posting of a single file from the VMware ESX source code and the possibility that more files may be posted in the future. The posted code and associated commentary dates to the 2003 to 2004 timeframe," Mulholland wrote.
In a blog post, Kaspersky Lab analysed the attack and the release of the VMware source code, saying the event "looks like the IT equivalent of the Deepwater Horizon oil spill disaster".
Kaspersky interviewed ‘Hardcore Charlie’ over Internet Relay Chat (IRC), where he explained how he accessed CEIEC’s systems.
The hacker said he stole hundreds of thousands of encrypted account credentials for Sina.com, the Chinese media company which owns the social network Weibo. He then cracked the cryptographic hashes used to secure the credentials and sought out interesting accounts in other areas where the same credentials could be used.
"One [he] stumbled upon was apparently used by a CEIEC subsidiary in India and contained the credentials for a range of VPN (Virtual Private Network) accounts that linked into CEIEC’s main corporate network," Kaspersky Labs wrote.
In the original Pastebin post, Hardcore Charlie said that there would be a full release of everything stolen from CEIEC on May 5th.