Russian spies pack custom malware into hidden VMs on Windows machines

Russia's Curly COMrades is abusing Microsoft's Hyper-V hypervisor in compromised Windows machines to create a hidden Alpine Linux-based virtual machine that bypasses endpoint security tools, giving the spies long-term network access to snoop and deploy malware. "This hidden environment, with its lightweight footprint (only …

  1. IGotOut Silver badge

    Moldova.

    If you are unaware why the Russians targeted a Moldovan energy company, this will help explain why.

    https://apnews.com/article/eu-moldova-energy-russia-cuts-gazprom-3657d8204486044384a4b1a3b8105446

  2. Irongut Silver badge

    WTF is EDR?

    The linked article does not explain this acronym either.

    1. Apocalypso - a cheery end to the world Bronze badge

      Re: WTF is EDR?

      Last line of the 3rd paragraph
