[akireu]

A decade ago, an article [1] was published in the Russian "Hacker" magazine where the author alleged that a Russian OEM manufacturer's motherboard sourced from China had a BMC chip (which should've been disabled as per the mobo spec) inject a hypervisor into the host machine.

It was, again, allegedly, discovered because the author was developing some kind of distributed computing software that required a hypervisor of its own, and this exact mobo was crashing in a way that was consistent with a hypervisor being already present. The author goes further to describe how he devised a way to consistently detect hypervisors by measuring platform register access timings, and tried to report the findings to the FSB (Russian CIA/FBI) to no avail.

I personally don't put much stock in the story, as the magazine was a rag and I could come up with something like that at the time, but there it is.

[1] https://xakep.ru/2011/12/26/58104/