Threat of the month: Anti-virtualization malware

Share this article:
Threat of the month: pdf.exe.zip files
Threat of the month: pdf.exe.zip files
What is it?
When a virtualized system is detected, historically most malware will exit. However, there is a trend underway with malware that is specifically targeting virtual machines should it successfully compromise a physical machine.

How does it work?
A piece of malware essentially looks for any VMware machines on a system and accesses the virtual machine images to place malware that will automatically activate on a system boot-up. 

Should I be worried?
Virtualization is the future and malware writers can no longer miss out on compromising virtualized systems just as they do physical ones.

How can I prevent it?
You can prevent such malware with traditional methods, such as anti-virus software which will easily detect virual malware such as Crisis. Using proper endpoint security solutions, whitelisting and locked-down network and system-configurations should help.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Information sharing requires breaking down barriers, White House cyber guru says

Information sharing requires breaking down barriers, White House ...

The White House has advanced an agenda to promote and facilitate information sharing on security threats and vulnerabilities.

Worm variant of Android ransomware, Koler, spreads via SMS

Worm variant of Android ransomware, Koler, spreads via ...

Upon infection, the Koler variant will send an SMS message to all contacts in the device's address book.

Patch for Windows flaw can be bypassed, prompts temporary fix from Microsoft

Patch for Windows flaw can be bypassed, prompts ...

The Windows zero-day received a patch last week, but the fix can still be bypassed by crafty attackers.