InfoWorld

Crisis malware infects VMware virtual machines, researchers say

The Windows version of Crisis, a piece of malware discovered in July, is capable of infecting VMware virtual machine images, Windows Mobile devices, and removable USB drives, according to researchers ...
InfoWorld

Malware no longer avoiding virtual machines

Symantec finds most malware these days doesn't quit on VMs, which used to be a tactic to avoid security checks Many malicious software programs used to make a quick exit on virtual machines, a tactic ...
Hackaday

Making A Virtual Machine Look Like Real Hardware To Malware

Running suspicious software in a virtual machine seems like a basic precaution to figure out whether said software contains naughty code. Unfortunately it’s generally rather easy to detect whether or ...
CSOonline

Russian APT abuses Windows Hyper-V for persistence and malware execution

Recently documented Curly COMrades group bypasses traditional host-based EDR solutions by spinning up VMs with deceptive names using Windows’ own bare-metal hypervisor. Cyberespionage groups are ...
Hosted on MSN

Russian hackers hit Windows machines via Linux VMs with new custom malware

Curly COMrades deployed Alpine Linux VMs on Windows hosts to hide reverse-shell malware activity VM traffic tunneled via host IP, bypassing traditional EDR and masking outbound communications Targets ...