Skip to main content

New Malware Targets Mobile Devices and Virtual Machines

By August 24, 2012June 28th, 2021Cybersecurity

Research indicates that a there is a new virus on the loose. Dubbed “Crisis,” the malware is capable of spreading to four different platforms, including Windows, Mac OSX, Windows mobile devices, and VMware virtual machines.

Crisis was first labeled exclusively a Mac Trojan that generally tracked websites and recorded emails and instant message conversations. However, Integro and Symantec have both found that the virus targets Windows and OSX users and, surprisingly, virtual machines. “This may be the first malware that attempts to spread onto a virtual machine,” Katsuki, an employee at Symantec, wrote in a blog post Monday. “Many threats will terminate themselves when they find a virtual machine monitoring application, such as VMware, to avoid being analyzed, so this may be the next leap forward for malware authors.”

Crisis works by tricking computer users into installing a Java archive file that pretends to be an update to Adobe Flash. Once the virus has been installed, the malware identifies the machine’s OS and “adjusts” itself in the executable files as necessary.

Crisis then searches for a VMware virtual machine on the infected computer, and copies itself onto the image it finds using the VMware Player tool. The VMware Player tool allows for multiple operating systems to run on the same computer simultaneously. “It does not use a vulnerability in the VMware software itself,” the blog post from Symantec indicated. “It takes advantage of an attribute of all virtualization software: namely that the virtual machine is simply a file or series of files on the disk of the host machine. These files can usually be directly manipulated or mounted, even when the virtual machines is not running.”

The Windows “version” of Crisis can infect Windows phones that are connected to the computer at the time, however it cannot infect Android or iOS phones as of current.

Symantec says that they have active copies of the virus and are working on a solution currently.

 

Jason Manteiga

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.

Leave a Reply