[WEBINAR] Better to Ask Permission? Best Practices for Privacy and Security

Virtual Machine Hyper Jumping (VM Jumping)

Definition - What does Virtual Machine Hyper Jumping (VM Jumping) mean?

Virtual machine hyper jumping (VM jumping) is an attack method that exploits the hypervisor’s weakness that allows a virtual machine (VM) to be accessed from another. The vulnerabilities allow remote attacks and malware to compromise the VM’s separation and protections, making it possible for an attacker to gain access to the host computer, the hypervisor and other VMs, in addition to being able to jump from one VM to another.

Virtual machine hyper jumping is also known as virtual machine guest hopping (VM guest hopping).

Techopedia explains Virtual Machine Hyper Jumping (VM Jumping)

Virtual machine hyper jumping exploits are designed to compromise a VM, which is then used to access or launch attacks against other VMs or hosts. This is usually done by targeting and accessing a less secure VM on a host, which is then used as the launch point for further attacks on the system.

In some severe attacks, two or more VMs may be compromised and used to launch attacks against the more secured guests or hypervisor. A compromised guest can also exploit an insecure virtual environment and spread the attack across several networks.

These attacks can occur due to:

  • Insecure operating systems like older versions of Windows, which do not have modern security features such as protection against poison cookies, memory address layout randomization and hardened stack

  • VM traffic to and from an external network utilizes the two-layer bridge, where all traffic passes through the same set of network interface cards (NICs). An attacker may overload the switch, and in order to preserve its performance, the switch pushes all data packets out on its ports. This action makes it a dumb hub, with no security usually offered by a switch.

Virtual machine hyper jumping can be prevented using various methods, including:

  • Grouping and separating the uplinks to separate the Web-facing traffic from the database traffic and prevent the database server from directly accessing the internal network

  • Using private VLANs to hide the VMs from one another and only allow the guest machines to talk to the gateway

  • Using the latest and most secure operating systems with up-to-date security patches
Share this:

Connect with us

Email Newsletter

Join thousands of others with our weekly newsletter

The 4th Era of IT Infrastructure: Superconverged Systems
The 4th Era of IT Infrastructure: Superconverged Systems:
Learn the benefits and limitations of the 3 generations of IT infrastructure – siloed, converged and hyperconverged – and discover how the 4th...
Approaches and Benefits of Network Virtualization
Approaches and Benefits of Network Virtualization:
Businesses today aspire to achieve a software-defined datacenter (SDDC) to enhance business agility and reduce operational complexity. However, the...
Free E-Book: Public Cloud Guide
Free E-Book: Public Cloud Guide:
This white paper is for leaders of Operations, Engineering, or Infrastructure teams who are creating or executing an IT roadmap.
Free Tool: Virtual Health Monitor
Free Tool: Virtual Health Monitor:
Virtual Health Monitor is a free virtualization monitoring and reporting tool for VMware, Hyper-V, RHEV, and XenServer environments.
Free 30 Day Trial – Turbonomic
Free 30 Day Trial – Turbonomic:
Turbonomic delivers an autonomic platform where virtual and cloud environments self-manage in real-time to assure application performance.