Skip to main content

Slashdot: Mystery Hackers Are 'Hyperjacking' Targets for Insidious Spying

Mystery Hackers Are 'Hyperjacking' Targets for Insidious Spying
Published on September 30, 2022 at 12:55AM
For decades, security researchers warned about techniques for hijacking virtualization software. Now one group has put them into practice. From a report: For decades, virtualization software has offered a way to vastly multiply computers' efficiency, hosting entire collections of computers as "virtual machines" on just one physical machine. And for almost as long, security researchers have warned about the potential dark side of that technology: theoretical "hyperjacking" and "Blue Pill" attacks, where hackers hijack virtualization to spy on and manipulate virtual machines, with potentially no way for a targeted computer to detect the intrusion. That insidious spying has finally jumped from research papers to reality with warnings that one mysterious team of hackers has carried out a spree of "hyperjacking" attacks in the wild. Today, Google-owned security firm Mandiant and virtualization firm VMware jointly published warnings that a sophisticated hacker group has been installing backdoors in VMware's virtualization software on multiple targets' networks as part of an apparent espionage campaign. By planting their own code in victims' so-called hypervisors --VMware software that runs on a physical computer to manage all the virtual machines it hosts -- the hackers were able to invisibly watch and run commands on the computers those hypervisors oversee. And because the malicious code targets the hypervisor on the physical machine rather than the victim's virtual machines, the hackers' trick multiplies their access and evades nearly all traditional security measures designed to monitor those target machines for signs of foul play. "The idea that you can compromise one machine and from there have the ability to control virtual machines en masse is huge," says Mandiant consultant Alex Marvi. And even closely watching the processes of a target virtual machine, he says, an observer would in many cases see only "side effects" of the intrusion, given that the malware carrying out that spying had infected a part of the system entirely outside its operating system. Mandiant discovered the hackers earlier this year and brought their techniques to VMware's attention. Researchers say they've seen the group carry out their virtualization hacking -- a technique historically dubbed hyperjacking in a reference to "hypervisor hijacking" -- in fewer than 10 victims' networks across North America and Asia. Mandiant notes that the hackers, which haven't been identified as any known group, appear to be tied to China.

Read more of this story at Slashdot.

Comments

Popular posts from this blog

Slashdot: Spain-Backed Fund Joins FOSSA's Sovereign Satellite Communications Push

Spain-Backed Fund Joins FOSSA's Sovereign Satellite Communications Push Published on 2026-06-28T22:05:00Z Spanish startup FOSSA Systems "has raised about $10.5 million to expand its connectivity constellation," reports Space News, noting some funding is backed by Spain's government: The support from the Spanish Society for Technological Transformation (SETT) comes a year after the fund injected 14 million euros into Spain's Sateliot , which is also developing a satellite connectivity network with security and defense applications. Spanish private investment firm Kibo Ventures led FOSSA's funding round, the six-year-old venture announced June 24, bringing its total raised to date to nearly 20 million euros. The proceeds will help fuel FOSSA's push beyond the tiny picosatellites it once used to connect low-power monitoring devices toward larger cubesats in low Earth orbit, enabling additional sovereign communications and space-based intelligence capab...

Slashdot: AT&T Outlines $250 Billion US Investment Plan To Boost Infrastructure In AI Age

AT&T Outlines $250 Billion US Investment Plan To Boost Infrastructure In AI Age Published on 2026-03-10T20:00:00Z AT&T plans to invest more than $250 billion over the next five years to expand U.S. telecom infrastructure for the AI age. The company says it will also hire thousands of technicians while partnering with AST SpaceMobile to extend coverage to remote areas. Reuters reports: Rapid adoption of artificial intelligence, cloud computing and connected devices has prompted telecom operators to invest heavily in fiber and 5G networks as they also seek to fend off intensifying competition from cable broadband providers. AT&T, which has about 110,000 employees in the U.S., said the new hires will help build and maintain its infrastructure. The outlay includes capital expenditure and other spending, the company said. The spending will focus on expanding its fiber and wireless networks, including accelerating deployment of fiber broadband, 5G home internet and satellite co...