Russian spies pack custom malware into hidden VMs on Windows machines

News
Yanac

Curly COMrades strike again
Russia’s Curly COMrades is abusing Microsoft’s Hyper-V hypervisor in compromised Windows machines to create a hidden Alpine Linux-based virtual machine that bypasses endpoint security tools, giving the spies long-term network access to snoop and deploy malware.…The RegisterRead More