The security industry is overreacting to the recently discovered Crisis malware infecting VMware virtual machines, according to security firm Trend Micro.
Trend Micro claimed that despite being the first malware to be uncovered infecting virtual machines, the Crisis malware is not as bad as many vendors would have you believe.
"I think it's been overplayed as the malware's not using a vulnerability to infect machines," Trend Micro security director Rik Ferguson told V3.
"If it was a vulnerability it would be something that needs patching, it may even be a zero day vulnerability meaning it couldn't be patched. But the mechanism used by the malware, mounting onto a virtual file system, is part of how virtual systems work."
Ferguson's comments refer to the two types of hypervisor deployments used for virtualisation today.
"There are two types of hypervisor deployments in virtual machines, type one that replaces the operating system, and type two where the hypervisor runs on top of the host OS. Crisis is only affecting the type two deployment," he said.
Ferguson went on to clarify that because it only affects host OS deployments, Crisis could be stopped and removed with most current security software.
Crisis was originally uncovered by Symantec and Kaspersky Lab in July, targeting businesses with social engineering attacks that tricked users into running a malicious Java applet. The malware was later discovered to be far more complex than first thought, being able to infect virtual machines.
"I think it's the first malware ever to be discovered infecting virtual machines," said Ferguson.
"Traditionally most malware was designed to self-destruct when it comes across a virtual machine."
Looking to the future, Ferguson warned that while the malware is not as bad as first reported, it does showcase an evolution in cyber criminals' tactics.
"If something is successful criminals will reuse it. What this shows is that criminals have realised the reality of virtual machines and enterprise," Ferguson told V3.
"They've realised they can't afford to ignore virtual machines anymore."
Ferguson's comments follow on from warnings from numerous security providers that cyber criminals are developing new advanced ways to target businesses.