Marc Maiffret, chief technology officer, BeyondTrust
October 01, 2012
Threat of the month

Threat of the month: Anti-virtualization malware

IE exploits are the "Threat of the Month"
IE exploits are the "Threat of the Month"
What is it?
When a virtualized system is detected, historically most malware will exit. However, there is a trend underway with malware that is specifically targeting virtual machines should it successfully compromise a physical machine.

How does it work?
A piece of malware essentially looks for any VMware machines on a system and accesses the virtual machine images to place malware that will automatically activate on a system boot-up. 

Should I be worried?
Virtualization is the future and malware writers can no longer miss out on compromising virtualized systems just as they do physical ones.

How can I prevent it?
You can prevent such malware with traditional methods, such as anti-virus software which will easily detect virual malware such as Crisis. Using proper endpoint security solutions, whitelisting and locked-down network and system-configurations should help.

From the October 2012 Issue of SCMagazine »
Related Articles
Related Topics

Sign up to our newsletters

More in News

Three LulzSec members plead guilty in London

Ryan Ackroyd, 26; Jake Davis, 20; and Mustafa al-Bassam, 18, who was not named until now because of his age, all admitted their involvement in the hacktivist gang's attack spree.

WordPress tightens security with two-factor authentication

The new feature is immediately available for users and "secret" codes can be accessed via SMS or through the Google Authenticator app.

Microsoft fixes three "critical" flaws with Patch Tuesday release

The biggies are two vulnerabilities in Internet Explorer and a single weakness in Remote Desktop Connection.