It gets the credentials from the client attaching to vSphere for a start. They are often Internet connected or have an email client set-up on it, so a phishing email would be a good vector...
Not a member of The Register?
Create a new account
Remember me on this computer?
The Register - Independent news and views for the tech community. Part of Situation Publishing
Biting the hand that feeds IT © 1998–2021