>Yeah it doesn't work like that. Person starts VPN app and it kills all other internet traffic on the machine,enters VPN password, then if all is good they can enter the RSA key. ...so not really something that can be hijacked from the internet as no traffic other than the local intranet is allowed at that point. There are no browser credentials of any use outside the intranet.
>

First thought would be to check if VPN app started from a VM kills:
a) all access from physical host (including other guest VM) to directory structure available/reachable to "VPN app VM"
b) internet traffic of all other VM running on same physical host

Snooping can happen via odd paths ;-)