InfoWorld

Crisis malware infects VMware virtual machines, researchers say

The Windows version of Crisis, a piece of malware discovered in July, is capable of infecting VMware virtual machine images, Windows Mobile devices, and removable USB drives, according to researchers ...
Hackaday

Making A Virtual Machine Look Like Real Hardware To Malware

Running suspicious software in a virtual machine seems like a basic precaution to figure out whether said software contains naughty code. Unfortunately it’s generally rather easy to detect whether or ...
InfoWorld

Malware no longer avoiding virtual machines

Symantec finds most malware these days doesn't quit on VMs, which used to be a tactic to avoid security checks Many malicious software programs used to make a quick exit on virtual machines, a tactic ...
CSOonline

Russian APT abuses Windows Hyper-V for persistence and malware execution

Recently documented Curly COMrades group bypasses traditional host-based EDR solutions by spinning up VMs with deceptive names using Windows’ own bare-metal hypervisor. Cyberespionage groups are ...
Bleeping Computer

Russian hackers abuse Hyper-V to hide malware in Linux VMs

The Russian hacker group Curly COMrades is abusing Microsoft Hyper-V in Windows to bypass endpoint detection and response solutions by creating a hidden Alpine Linux-based virtual machine to run ...
Hosted on MSN

Russian hackers hit Windows machines via Linux VMs with new custom malware

Curly COMrades deployed Alpine Linux VMs on Windows hosts to hide reverse-shell malware activity VM traffic tunneled via host IP, bypassing traditional EDR and masking outbound communications Targets ...