Yes hyperjacking attacks are real

For decades, the security agencies warned of hacking techniques virtualization. As it seems a he has put it into practice.

Virtualization software offers a way to multiply computing efficiency by hosting entire collections of computers as “” on a single computer. hyper virtualization

Security researchers have long warned about the potential dark side of this technology: theoretical attacks “” and “Blue Pill”, where hackers hijack virtualization to spy on and manipulate virtual machines, with no way to detect the intrusion. This insidious spying eventually went from the research papers that brought the warnings to a mysterious hacker group that has carried out a bunch of hyperjacking attacks.

Today, the security company owned by Google and virtualization company VMware have published shared warnings that a sophisticated hacker group is installing backdoors in VMware's virtualization software. By planting their own code on the victims' so-called hypervisors—the VMware software that runs on a physical computer to manage all the virtual machines it hosts—the hackers were able to monitor and invisibly run commands on the computers overseen by those hypervisors.

esxi one fig1

And because the malicious code targets the of physics and not virtual machines, the hacker's ploy avoids almost all traditional security measures designed to of these target machines.

Mandiant consultant Alex Marvi says his company discovered the hackers earlier this year and disclosed their practices to VMware. Researchers report that they have seen the group perform virtualization hacking – a which was historically called hyperjacking – in 10 or so victims across North America and Asia.

Mandiant says the hackers have not been identified as any known group, but appear to be linked to China.

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.
hyperjacking

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).