
VMware-focused Crisis malware seen as hacker training exercise

31 Aug 2012

Security vendors are in agreement that the recently discovered Crisis malware targeting VMware virtual machines is an interesting proof of concept, but not something firms should be too concerned about.

Crisis was originally uncovered by Symantec and Kaspersky Lab in July, targeting businesses with social engineering attacks that tricked users into running a malicious Java applet.

The malware was later discovered to be far more complex than first thought, being able to infect virtual machines.

Security researchers from F-Secure, Kaspersky and Trend Micro told V3 that while Crisis's arrival is interesting, it is likely to be of little consequence.

"It's quite interesting, academically speaking. However, our response director doesn't really see the practical benefit in widespread adoption," F-Secure security analyst Sean Sullivan told V3.

"Looks more like an R&D operation than an evolution. At least for now. I'd be surprised if there was a particular target for this."

Kaspersky Lab's David Emm mirrored Sullivan's sentiment, saying it is unlikely the tactic will become more widely used by cyber criminals.

"I think it's too early to say if this particular method will be quickly followed by others. But it seems clear that the authors of this malware are trying to tap into the increasing use of virtualisation in businesses," concurred Emm.

Trend Micro security research director Rik Ferguson had similarly moved to downplay the significance of Crisis earlier in the week.

"I think it's been overplayed as the malware's not using a vulnerability to infect machines," Trend Micro security director Rik Ferguson told V3.

"If it was a vulnerability it would be something that needs patching, it may even be a zero day vulnerability meaning it couldn't be patched. But the mechanism used by the malware, mounting onto a virtual file system, is part of how virtual systems work."

Emm reiterated Ferguson's sentiment, adding that Crisis's most alarming feature is that it shows how sophisticated cyber criminals' malware creation techniques are.

"What's striking about this threat is its ability to infect VMware images. Malware writers are continually exploring new technologies and new ways of spreading their code," said Emm.

The three security researchers' comments follow on from warnings from Microsoft's Trustworthy Computing division that Europe's cyber crime industry is booming.

Alastair Stevenson

Alastair has worked as a reporter covering security and mobile issues at V3 since March 2012. Before entering the field of journalism Alastair had worked in numerous industries as both a freelance copy writer and artist.
