Virtual machine hyper jumping definition
Virtual machine hyper jumping is a method attackers use to take advantage of weaknesses in the virtualization software (hypervisor) that manages multiple virtual machines on a single physical computer. When an attack is successful, the hacker can break the isolation between VMs, which typically operate as separate machines. This lack of isolation may compromise the host computer, the hypervisor, and other virtual machines. VM jumping is also known as virtual machine guest hopping.
See also: host virtual machine
How VM jumping works
- Attackers look for security weaknesses, often in less secure VMs, that can be used to access that VM.
- Once inside a compromised VM, the attacker can launch further attacks, potentially targeting other VMs or the hypervisor itself.
- In severe cases, attackers can compromise multiple VMs and use them to attack more secure VMs or the hypervisor.
- The attack can also spread across different networks if the virtual environment doesn’t have proper security measures.
Why VM jumping attacks happen
- Outdated operating systems. When VMs run on older operating systems, they often lack modern security features. These systems may not have protections against advanced attack techniques (e.g., memory address layout randomization or hardened stack defenses). Attackers target these vulnerabilities because they’re easier to exploit.
- Outdated network configurations. In some virtualized environments, network traffic from different VMs is not separated in the best way. This means that VMs with different security requirements and purposes share the same network, making it easier for an attacker who gains access to one VM to move and compromise others.