InfoWorld

Crisis malware infects VMware virtual machines, researchers say

The Windows version of Crisis, a piece of malware discovered in July, is capable of infecting VMware virtual machine images, Windows Mobile devices, and removable USB drives, according to researchers ...
Hackaday

Making A Virtual Machine Look Like Real Hardware To Malware

Running suspicious software in a virtual machine seems like a basic precaution to figure out whether said software contains naughty code. Unfortunately it’s generally rather easy to detect whether or ...
Hosted on MSN

Russian hackers hit Windows machines via Linux VMs with new custom malware

Curly COMrades deployed Alpine Linux VMs on Windows hosts to hide reverse-shell malware activity VM traffic tunneled via host IP, bypassing traditional EDR and masking outbound communications Targets ...
CSOonline

Russian APT abuses Windows Hyper-V for persistence and malware execution

Recently documented Curly COMrades group bypasses traditional host-based EDR solutions by spinning up VMs with deceptive names using Windows’ own bare-metal hypervisor. Cyberespionage groups are ...