InfoWorld

Crisis malware infects VMware virtual machines, researchers say

The Windows version of Crisis, a piece of malware discovered in July, is capable of infecting VMware virtual machine images, Windows Mobile devices, and removable USB drives, according to researchers ...
Hackaday

Making A Virtual Machine Look Like Real Hardware To Malware

Running suspicious software in a virtual machine seems like a basic precaution to figure out whether said software contains naughty code. Unfortunately it’s generally rather easy to detect whether or ...
Hosted on MSN

Russian spies pack custom malware into hidden VMs on Windows machines

Russia's Curly COMrades is abusing Microsoft's Hyper-V hypervisor in compromised Windows machines to create a hidden Alpine Linux-based virtual machine that bypasses endpoint security tools, giving ...
CSOonline

Russian APT abuses Windows Hyper-V for persistence and malware execution

Recently documented Curly COMrades group bypasses traditional host-based EDR solutions by spinning up VMs with deceptive names using Windows’ own bare-metal hypervisor. Cyberespionage groups are ...
Bleeping Computer

Russian hackers abuse Hyper-V to hide malware in Linux VMs

The Russian hacker group Curly COMrades is abusing Microsoft Hyper-V in Windows to bypass endpoint detection and response solutions by creating a hidden Alpine Linux-based virtual machine to run ...