Tuesday, April 20, 2021

Crisis Financial Malware Spreads Via Virtual Machines

InformationWeek: Security experts have issued warnings about new malware that appears to be a signed Adobe Flash player installer. The rootkit, known as Crisis, Morcut or Maljava, is a Java archive (JAR) file that can attack both Windows and OS X systems.

According to Symantec’s Takashi Katsuki, “The threat uses three methods to spread itself: one is to copy itself and an autorun.inf file to a removable disk drive, another is to sneak onto a VMware virtual machine, and the final method is to drop modules onto a Windows Mobile device.” The VMware attack vector is unique; Symantec says this is the first piece of malware it has seen that tries to propagate by virtual machine. Katsuki explained, “[Crisis] takes advantage of an attribute of all virtualization software: namely, that the virtual machine is simply a file or series of files on the disk of the host machine. These files can usually be directly manipulated or mounted, even when the virtual machine is not running.”
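Because a powered-off guest is just files on the host, a defender can baseline those files at shutdown and check them again before the next boot. The sketch below is an added example, not code from the article or from Symantec; the function names are hypothetical, and the file suffixes and the `.lck` lock-entry convention are assumptions about VMware Workstation/Fusion layouts. The sample VM directory is constructed inline.

```python
import hashlib
import tempfile
from pathlib import Path

# Assumption: file types that make up a VMware guest on the host disk.
VM_SUFFIXES = {".vmdk", ".vmx", ".nvram", ".vmsn"}

def sha256_file(path, chunk=1 << 20):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def snapshot(vm_dir):
    """Map each VM file name in vm_dir to its SHA-256 digest."""
    return {p.name: sha256_file(p) for p in sorted(Path(vm_dir).iterdir())
            if p.is_file() and p.suffix.lower() in VM_SUFFIXES}

def is_powered_on(vm_dir):
    # Assumption: a running guest leaves *.lck entries beside its files.
    return any(p.name.endswith(".lck") for p in Path(vm_dir).iterdir())

def offline_changes(vm_dir, baseline):
    """List (file, state) differences from the baseline taken at power-off.
    Returns None while the guest runs, since it then writes to its own disks."""
    if is_powered_on(vm_dir):
        return None
    current = snapshot(vm_dir)
    findings = []
    for name in sorted(set(baseline) | set(current)):
        if baseline.get(name) != current.get(name):
            state = ("missing" if name not in current
                     else "new" if name not in baseline else "modified")
            findings.append((name, state))
    return findings

def demo():
    # Constructed sample guest: a config file and a small dummy disk image.
    with tempfile.TemporaryDirectory() as d:
        vm = Path(d)
        (vm / "guest.vmx").write_text('displayName = "guest"\n')
        (vm / "guest.vmdk").write_bytes(b"\x00" * 4096)
        baseline = snapshot(vm)
        clean = offline_changes(vm, baseline)
        with open(vm / "guest.vmdk", "r+b") as f:  # host-side write, guest off
            f.seek(512)
            f.write(b"changed")
        tampered = offline_changes(vm, baseline)
        (vm / "guest.vmdk.lck").mkdir()            # guest now "running"
        return clean, tampered, offline_changes(vm, baseline)
```

Keep the baseline somewhere the host's ordinary user accounts cannot write, since the check is only as trustworthy as the stored digests.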
