National Cyber Warfare Foundation (NCWF) Forums


Cyberespionage group developed backdoors tailored for VMware ESXi hypervisors


2022-09-30 22:15:09
milo
Education

Researchers have identified a new malware family that was designed to backdoor and create persistence on VMware ESXi servers by leveraging legitimate functionality the hypervisor software supports. According to researchers from Mandiant who found and analyzed the backdoors, they were packaged and deployed on infected servers as vSphere Installation Bundles (VIBs). VIBs are software packages used to distribute components that extend VMware ESXi functionality. The malicious VIBs provided hackers with remote command execution and persistence capabilities on the servers and the ability to execute commands on the guest virtual machines running on the servers.




Source: csoOnline
Source Link: https://www.csoonline.com/article/3675555/cyberespionage-group-developed-backdoors-tailored-for-vmware-esxi-hypervisors.html#tk.rss_all

