Crisis Believed to be First Malware Infecting Virtual Machines

[Guest]

Crisis, a previously detected trojan, has turned out to be much more sophisticated malware than originally described.

Crisis Believed to be First Malware Infecting Virtual Machines : Read more

 

[master_chen]

NOOOOOOOOOOOOOOO~

 

[jaquith]

Well that sucks! It's going to be hard to get a handle on that one, just add one more JAVA exploit to the list.

 

[mylloc]

now, can it run crysis?

 

[JOSHSKORN]

LOL @ "infecting MACs". Yeah, I've heard this one before.,.."MACs don't get viruses"...

 

[master_chen]

[citation][nom]mylloc[/nom]now, can it run crysis?[/citation]
It runs on Crysis.

 

[Guest]

Now, I see that it can infect VMs through the host, but is the reverse true? Can the host be infected by a virus through the VM?

 

[spartanmk2]

Java is malware by itself.

 

[manicmike]

Now, I see that it can infect VMs through the host, but is the reverse true? Can the host be infected by a virus through the VM?

Excellent question... I expect we'll here more about this in a couple months (after it does some real damage). Just cuz they found one variant doesn't mean the threat is over... Just means they've identified one new family of threats to keep an eye one.

 

[nforce4max]

This is why I keep most of my machines of the net from now on, second those bloated windows updates grrr.

 

[jhansonxi]

[citation][nom]M1A1D[/nom]Now, I see that it can infect VMs through the host, but is the reverse true? Can the host be infected by a virus through the VM?[/citation]Yes - in theory. The closest I've heard of is an exploit against the Xbox 360 VM which allowed virtualized software (most everything on the console) to get access to the hardware. But it was only used by some hackers to install Linux on it.

 

[Maxor127]

That's why I use Noscript with Java disabled.

 

[Hiii]

You guys hate Java?, and if you do, why?

 

[mouse24]

[citation][nom]nforce4max[/nom]This is why I keep most of my machines of the net from now on, second those bloated windows updates grrr.[/citation]

So you keep most of your machines from the net because things are "distributed via social engineering and tricks a user into running a Java applet Flash installer."? I take it you don't have a phone either because someone keeps tricking you into sending money to a prince in india? You can turn off windows updates btw. Though you should keep installing the security patches.

 

[danwat1234]

I guess an encrypted VM volume would prevent this from happening?

 

[fb39ca4]

lol I just read the Crysis 3 article then I was like WTF since when is Crysis malware?

 

[Marcus52]

[citation][nom]Hiii[/nom]You guys hate Java?, and if you do, why?[/citation]

Did you read the article?

"Crisis is distributed via social engineering and tricks a user into running a Java applet Flash installer."

Java is a security risk, and Flash is even worse. It's not a matter of "hating Java", it's a matter of caring about security when you connect to the internet.

 

[A Bad Day]

"Cloud computing is the future"

And so are the new breeds of malware...

 

[in_the_loop]

[citation][nom]Marcus52[/nom]Did you read the article?"Crisis is distributed via social engineering and tricks a user into running a Java applet Flash installer."Java is a security risk, and Flash is even worse. It's not a matter of "hating Java", it's a matter of caring about security when you connect to the internet.[/citation]

Now, don't put java and flash in the same bracket.
Many people seems to confuse java with javascript, which are two completely separate things.
For example, when it is said that the chrome browser is really fast for java, it is really implicated to mean that it is fast for javascript, not Java the language.
Most security risks come from javascript, the java language isn't nearly as common as javascript on the web.
And the so often nagging "update java" from oracle that have you update java manually has nothing to do with the javascript that many people really think is java.
And in this exploit there is a third thing, java-applet, which is based on java the language, not javascript.

Somebody else talked about using "noscript" to block java. I don't use noscript, but isn't that blocking javascript and not java? Or is it blocking both?

 

[Hiii]

[citation][nom]Marcus52[/nom]Did you read the article?"Crisis is distributed via social engineering and tricks a user into running a Java applet Flash installer."Java is a security risk, and Flash is even worse. It's not a matter of "hating Java", it's a matter of caring about security when you connect to the internet.[/citation]

I did not, thank you for the answer.

 

[the_brute]

Sad. but now they know that it can happen and now start the hunt instead of the "phantom if". As for windows updates please tell me you are getting the security updates at least, an updated Windows is hard to get into. @in_the_loop thanks for posting that early.
That said I hate all the Java & Flash exploits.

 

[Camikazi]

[citation][nom]nforce4max[/nom]This is why I keep most of my machines of the net from now on, second those bloated windows updates grrr.[/citation]
You know that those Windows Updates that you hide from patch and fix security holes and vulnerabilities that popup. Staying away from them just makes your computer more vulnerable for that one day that you do put them online.

 

[eddieroolz]

I read that as Crysis...my bad...

 

[azxcvbnm321]

Those Windows Updates usually come AFTER a threat has exploded and inflected millions of users already. But at least Microsoft tries to get the fix out as fast as possible. Adobe blatantly lets security holes stay unfixed for months on end, that's why I hate them. The last few viruses I've gotten have all been from Flash or Adobe's PDF Reader.