Sep 23

Virtual Machines rise up against first-known malware threat

A sneaky piece of malware that infects virtual machines residing on Windows and Mac OS systems, maybe the first of its kind, takes advantage of a feature common to all virtualization software, namely that virtual machines are stored as physical files on physical disks, to mount virtual disks and then copy itself onto them.


It’s important to stress that this is not a flaw in cloud computing software. Rather, it is a typical example of a virus attempting to exploit known features inherent to all software, which is simply a collection of physical files.

“This virus spreads to systems running Windows through social engineering. Users must install a masqueraded JAR file. Symantec discovered that once the virus is present on a Windows system, the malware tries to infect virtual machines that reside on the PC,” said VMware.

First discovered by Symantec, it appears to be designed to steal personal financial information and has been christened “Crisis”.

VMware, one of the leaders in cloud computing software, has issued these instructions to minimize risk and isolate the attack on Windows systems that may be running, for instance, VMware Workstation.

  • Practice safe browsing. Do not visit untrusted Web sites.
  • Do not open untrusted files downloaded from the Web.
  • Run anti-virus software and keep it up-to-date.
  • Keep current with Windows updates.

Additional measures include:

  • The Crisis virus cannot infect encrypted virtual machines. VMware Workstation has a feature that allows encryption of virtual machines.
  • Consider using third-party whole-disk encryption tools in the virtual machine.
  • If VMware Workstation or Player is used to create virtual machines that are later used on ESX/ESXi hosts, take care that the systems on which virtual machines are created are secure and regularly audited.
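
One way to audit a build host for the exposure described above, as an added example that is not VMware's or this article's own code: it walks a folder for `.vmx` configuration files and lists the virtual machines whose disk files are not protected by VM encryption. It assumes an encrypted Workstation VM carries an `encryption.keySafe` entry in its `.vmx` file; the function names and the two sample files are constructed for the demonstration.

```python
import re
import tempfile
from pathlib import Path

# Matches the key = "value" lines of a .vmx configuration file.
VMX_LINE = re.compile(r'^\s*([A-Za-z0-9_.:]+)\s*=\s*"(.*)"\s*$')

def parse_vmx(text):
    """Return the key/value pairs of a .vmx file, keys lower-cased."""
    entries = {}
    for line in text.splitlines():
        match = VMX_LINE.match(line)
        if match:
            entries[match.group(1).lower()] = match.group(2)
    return entries

def audit_vm(vmx_path):
    """Report whether a VM is encrypted and which disk files it exposes."""
    entries = parse_vmx(Path(vmx_path).read_text(errors="replace"))
    # Assumption: an encrypted VM has an encryption.keySafe entry in its .vmx.
    encrypted = "encryption.keysafe" in entries
    disks = sorted(value for key, value in entries.items()
                   if key.endswith(".filename") and value.lower().endswith(".vmdk"))
    return {"vmx": str(vmx_path), "encrypted": encrypted,
            "exposed_disks": [] if encrypted else disks}

def audit_tree(root):
    """Audit every .vmx file below root, unencrypted VMs first."""
    results = [audit_vm(path) for path in sorted(Path(root).rglob("*.vmx"))]
    return sorted(results, key=lambda result: result["encrypted"])

def build_sample(root):
    """Write two constructed .vmx files (made-up values) for the demo."""
    samples = {
        "dev/dev.vmx": 'displayName = "dev"\nscsi0:0.fileName = "dev.vmdk"\n'
                       'ide1:0.fileName = "auto detect"\n',
        "bank/bank.vmx": 'displayName = "bank"\n'
                         'encryption.keySafe = "CONSTRUCTED-PLACEHOLDER"\n',
    }
    for relative, text in samples.items():
        target = Path(root) / relative
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_text(text)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as folder:
        build_sample(folder)
        for result in audit_tree(folder):
            print(result)
```

Point `audit_tree` at the folder where virtual machines are created; every entry with `encrypted` set to `False` names disk files that software running on the host can mount.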

VMware and hosting providers like Virtual Internet use a mixture of security devices including firewalls, encryption and other “hardening devices” to safeguard cloud interfaces and the underlying “hypervisor” which manages the execution of guest operating systems including Linux and Windows.

[Figure: Pathway to malware infection on virtual machine]

This article was brought to you by VI.net, for dedicated server hosting, cloud servers and 24/7 support visit our site here www.vi.net
