Malware ‘Crisis’ barges into virtual machines

K. V. Kurmanath Updated - March 12, 2018 at 03:29 PM.

Internet security solutions firm Symantec has identified a new malware for Mac called OSX.Crisis.

This malware can easily spread to different environments such as Mac, Windows, virtual machines and Windows Mobile. This may be the first malware that attempts to spread onto a virtual machine.

“Many threats will terminate themselves when they find a virtual machine monitoring application to avoid being analysed. So this may be the next leap forward for malware authors,” Shantanu Ghosh, Vice-President and Managing Director (India Product Operations) of Symantec, has said.

Symantec said the malware is using three ways to spread — copying itself as an autorun.inf file to a removable disk drive, sneaking into virtual machine, and dropping modules onto a Windows Mobile device.

The malware looks for a VMware virtual machine image on the compromised computer.

“If it finds an image, it mounts the image and then copies itself onto the image by using a VMware Player tool,” it said.

“Virtualisation presents organisations with tremendous opportunities, as well as some significant challenges. This transformative technology provides the basis for the convergence of mobile and cloud computing,” it said.

kurmanath.kanchi@thehindu.co.in

Published on August 22, 2012 10:42