clock menu more-arrow no yes

Filed under:

VMware source code leaked, more files could be forthcoming

New, 15 comments

VMware has confirmed that source code for its ESX product was indeed stolen and posted into the wild, with a hacker going by the name Hardcore Charlie claiming responsibility.

Macbook keyboard macro
Macbook keyboard macro

Source code from VMware's ESX software product was posted on the internet, the company has confirmed — and the hacker claiming responsibility says he retrieved the code from a Chinese military contractor. VMware stated in a blog post yesterday that it had confirmed a single file had been posted, but that it doesn't anticipate its users being in any increased danger as it already shares its code with industry partners. The code in question was from a version of the ESX product circa 2003 to 2004, but VMWare does anticipate that additional files could be released in the near future.

Kaspersky Labs, meanwhile, reports that it spoke with a hacker named Hardcore Charlie that is claiming responsibility for the leak. Charlie told Kaspersky that he was able to download 300MB of files, including internal company documents, from the China Electronics Import & Export Corporation (CEIEC) back in March, utilizing a number of compromised email accounts from Chinese email-hosting company Sina.com. According the hacker, he was assisted in his efforts by YumaTough. If that names sounds familiar, it's because it is one of the parties associated with the recent theft and posting of Symantec source code (Hardcore Charlie also claims to be an associate of LulzSec's Hector Monsegur). Of course, why CEIEC would have had the source code in the first place appears to be an unanswered question. If it's related to any sharing of source code with the Chinese government remains to be seen.