Many malicious software programs used to make a quick exit on virtual machines, a tactic designed to avoid a security check. But that isn’t the case anymore, according Symantec research.
As companies increasingly use VMs in operational environments, malware writers are largely trying other methods to avoid detection. It means that simply running VMs won’t be enough to scare away malware.
Symantec studied 200,000 malware samples submitted by its customers since 2012. It ran the samples on a VM and a non-VM machine to see which ones would stop working when a VM was detected.
Just 18 percent of malware programs studied stop executing when a VM is detected, wrote Candid Wueest, a threat researcher, in a blog post Tuesday.
To read this article in full or to leave a comment, please click here