http://msec2nnqtbwh5c5yxpiswzwnqperok5k33udj7t6wmqcleu3ifj34sqd.onion/posts/opsec/cloud_provider_adversary/index.html
Malicious Libvirt or Xen Interception Attack Bob modifies the hypervisor’s behavior to manipulate network, disk, or
console input/output in real time. Can inject fake SSH authentication
prompts or steal plaintext database queries before they reach encrypted
storage. Countermeasures None, this would be undetectable from within the VPS.