

What is a Virtual Machine



In computing, "virtual machine" has more than one meaning.
One of the most common meanings is running an entire virtual computer inside a physical computer.
With this technique it is possible, for example, to run Linux in a window on Windows, or additional Windows instances inside Windows (and likewise on Linux).
A virtual machine, like a physical PC, is useful in many situations, but what makes it unique is that the entire PC is a file (or a few files) and can therefore be moved and restored with ease.


Possible VM to PC cyber attacks



Nothing is 100% secure: there is a category of cyber attack called "VM escaping". However, these are rare, high-value attacks.
So for common use, virtual machines are an interesting tool for isolating tools from the physical environment.
Some examples:
CVE-2020-3962, CVE-2020-3963, CVE-2020-3964, CVE-2020-3965, CVE-2020-3966, CVE-2020-3967, CVE-2020-3968, CVE-2020-3969, CVE-2020-3970, CVE-2020-3971: VMware ESXi, Workstation Pro / Player, Fusion Pro, Cloud Foundation: Vulnerabilities in SVGA, graphics shader, USB driver, xHCI/EHCI, PVNVRAM, and vmxnet3 can cause virtual machine escape.
CVE-2018-12130, CVE-2019-11135, CVE-2020-0548: ZombieLoad, ZombieLoad v2, Vector Register Sampling (VRS), Microarchitectural Data Sampling (MDS), Transactional Asynchronous Abort (TAA), CacheOut, L1D Eviction Sampling (L1DES): CPU-level side-channel attacks on the L1 cache allow virtual machines to read memory outside of their sandbox.
CVE-2019-5183 (critical), CVE-2019-5124, CVE-2019-5146, CVE-2019-5147: Windows 10 and VMware Workstation with AMD Radeon graphics cards using the Adrenalin driver: an attacker in the guest system can use a pixel shader to cause a memory error on the host system, inject malicious code into the host system and execute it.
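A defensive check for the CPU-level entries above, added here as an example and not part of the original page: on a Linux virtualization host, the kernel reports its mitigation state for MDS (CVE-2018-12130) and TAA (CVE-2019-11135) under /sys/devices/system/cpu/vulnerabilities. The function names (classify, audit, needs_attention) are hypothetical, and the script assumes a kernel recent enough to expose those files.

```python
import os

# sysfs files the Linux kernel exposes for two of the issues listed above.
CHECKS = {"mds": "CVE-2018-12130 (MDS)", "tsx_async_abort": "CVE-2019-11135 (TAA)"}
SYSFS_DIR = "/sys/devices/system/cpu/vulnerabilities"


def classify(status):
    """Turn one kernel status line into (state, smt_exposed)."""
    lowered = status.strip().lower()
    if lowered.startswith("not affected"):
        state = "not_affected"
    elif lowered.startswith("mitigation"):
        state = "mitigated"
    elif lowered.startswith("vulnerable"):
        state = "vulnerable"
    else:
        state = "unknown"
    # "SMT vulnerable" means sibling hardware threads still share the
    # affected buffers, which matters when vCPUs of different VMs share a core.
    smt_exposed = "smt vulnerable" in lowered
    return state, smt_exposed


def audit(base_dir=SYSFS_DIR):
    """Return {name: (label, state, smt_exposed)} for each check file."""
    results = {}
    for name, label in CHECKS.items():
        path = os.path.join(base_dir, name)
        try:
            with open(path, encoding="ascii", errors="replace") as fh:
                state, smt = classify(fh.read())
        except OSError:
            # Old kernel or non-Linux host: no report is not the same as safe.
            state, smt = "unknown", False
        results[name] = (label, state, smt)
    return results


def needs_attention(results):
    """Names that are vulnerable, unreported, or still exposed through SMT."""
    return sorted(n for n, (_, state, smt) in results.items()
                  if state in ("vulnerable", "unknown") or smt)


if __name__ == "__main__":
    report = audit()
    for name, (label, state, smt) in report.items():
        print(f"{label}: {state}{' (SMT exposed)' if smt else ''}")
    print("needs attention:", needs_attention(report) or "none")
```

A "mitigated" result with SMT exposure is still flagged, because the buffer clearing alone does not separate two guests scheduled on sibling threads of the same core.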


Possible PC to VM cyber attacks



It has been studied how a virtual machine can be hacked starting from the PC that hosts it (this clearly requires that the hacker has already taken control of the host PC using other techniques).
This type of attack is called "Hyperjacking".
More specifically, hyperjacking is an attack in which malicious control is taken over the hypervisor that creates the virtual environment.
With this technique the virtual machine is completely unaware of the ongoing attack, because it takes place underneath it.
Example:
CVE-2015-3456: VENOM vulnerability (2004-2015). The vulnerability was due to a flaw in QEMU's virtual floppy disk controller.
