Incident Response, Malware, Network Security, TDR

Threat of the month: Anti-virtualization malware

What is it?
When a virtualized system is detected, historically most malware will exit. However, there is a trend underway with malware that is specifically targeting virtual machines should it successfully compromise a physical machine.

How does it work?
A piece of malware essentially looks for any VMware machines on a system and accesses the virtual machine images to place malware that will automatically activate on a system boot-up. 

Should I be worried?
Virtualization is the future and malware writers can no longer miss out on compromising virtualized systems just as they do physical ones.

How can I prevent it?
You can prevent such malware with traditional methods, such as anti-virus software which will easily detect virual malware such as Crisis. Using proper endpoint security solutions, whitelisting and locked-down network and system-configurations should help.

An In-Depth Guide to Network Security

Get essential knowledge and practical strategies to fortify your network security.

Related

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

Related Terms

ACK PiggybackingAdwareBerkeley Internet Name Domain (BIND)Black HatBoot Record InfectorBridgeBroadcastDomain Name System (DNS)Drive-by DownloadStimulus

You can skip this ad in 5 seconds