Incident Response, Malware, Network Security, TDR

Threat of the month: Anti-virtualization malware

What is it?
When a virtualized system is detected, historically most malware will exit. However, there is a trend underway with malware that is specifically targeting virtual machines should it successfully compromise a physical machine.

How does it work?
A piece of malware essentially looks for any VMware machines on a system and accesses the virtual machine images to place malware that will automatically activate on a system boot-up. 

Should I be worried?
Virtualization is the future and malware writers can no longer miss out on compromising virtualized systems just as they do physical ones.

How can I prevent it?
You can prevent such malware with traditional methods, such as anti-virus software which will easily detect virual malware such as Crisis. Using proper endpoint security solutions, whitelisting and locked-down network and system-configurations should help.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.