All the latest UK technology news, reviews and analysis

VMware focused Crisis malware seen as hacker training exercise

31 Aug 2012
Concept image representing virus malware

Security vendors are in agreement that the recently discovered Crisis malware targeting VMware virtual machines is an interesting proof of concept nothing, but not something firms should be too concerned about.

Crisis was originally uncovered by Symantec and Kaspersky Lab in July, targeting businesses with social engineering attacks that tricked users into running a malicious Java applet.

The malware was later discovered to be far more complex than first thought, being able to infect virtual machines.

Security researchers from F-Secure, Kaspersky and Trend Micro told V3 that while Crisis's arrival is interesting, it is likely to be of little consequence.

"It's quite interesting, academically speaking. However, our response director doesn't really see the practical benefit in widespread adoption," F-Secure security analyst Sean Sullivan told V3.

"Looks more like an R&D operation than an evolution. At least for now. I'd be surprised if there was a particular target for this."

Kaspersky Labs' David Emm mirrored Sullivan's sentiment, saying it is unlikely the tactic will become more widely used by cyber criminals.

"I think it's too early to say if this particular method will be quickly followed by others. But it seems clear that the authors of this malware are trying to tap into the increasing use of virtualisation in businesses," concurred Emm.

Trend Micro security research director, Rik Ferguson had similarly moved to downplay the significance of Crisis earlier in the week.

"I think its been overplayed as the malware's not using a vulnerability to infect machines," Trend Micro security director Rik Ferguson told V3.

"If it was a vulnerability it would be something that needs patching, it may even be a zero day vulnerability meaning it couldn't be patched. But the mechanism used by the malware, mounting onto a virtual file system, is part of how virtual systems work."

Emm reiterated Ferguson's sentiment adding Crisis most alarming feature is that its shows how sophisticated cyber criminals malware creation techniques are.

"What's striking about this threat is its ability to infect VMware images. Malware writers are continually exploring new technologies and new ways of spreading their code," said Emm.

The three security researchers' comments follow on from warnings from Microsoft's Trustworthy Computing division that Europe's cyber crime industry is booming.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Alastair Stevenson

Alastair has worked as a reporter covering security and mobile issues at V3 since March 2012. Before entering the field of journalism Alastair had worked in numerous industries as both a freelance copy writer and artist.

View Alastair's Google+ profile

More on Security
What do you think?
blog comments powered by Disqus

Windows 7 end of mainstream support

What are your plans for when Microsoft ends mainstream support for Windows 7 in January 2015?

Popular Threads

Powered by Disqus
LG G3 in gold black and white

LG G3 vs Galaxy S5 video

We pit the two Korean firms' flagship smartphones against each other

Updating your subscription status Loading

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button

Getting started with virtualisation

Virtualisation can help you reduce costs, improve application availability, and simplify IT
management. However, getting started can be challenging


Converting big data and analytics insights into results

Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes

Test Analyst- Sheffield

Test Analyst - Sheffield Located - Sheffield Fruition...

IT Support Desk Team Leader – ITIL, Windows, SCCM, AD, Exchange

IT Support Desk Team Leader – ITIL, Windows, SCCM, AD...

Aplication Support Specialist - Equities

Asset Management - Application Support Specialist - Equities...

Test Analyst- Developer in Test- Linux- Java- London- Perm

Test Analyst - Developer in Test - Java- Linux- Automation...
To send to more than one email address, simply separate each address with a comma.