Russian hackers hit Windows machines via Linux VMs with new custom malware

Russian hackers known as Curly COMrades have been seen hiding their malware in Linux-based virtual machines (VM) deployed on ...
The Hacker News

Hackers Weaponize Windows Hyper-V to Hide Linux VM and Evade EDR Detection

"By isolating the malware and its execution environment within a VM, the attackers effectively bypassed many traditional host ...
Cybernews

Russian hackers sneak a full Linux virtual machine inside Windows to run undetected

Russian hackers are abusing Microsoft Hyper-V to create a hidden Linux virtual machine within the victim’s host, enabling ...

Russian hackers abuse Hyper-V to hide malware in Linux VMs

The Russian hacker group Curly COMrades is abusing Microsoft Hyper-V in Windows to bypass endpoint detection and response ...
The Register on MSN

Russian spies pack custom malware into hidden VMs on Windows machines

Curly COMrades strike again Russia's Curly COMrades is abusing Microsoft's Hyper-V hypervisor in compromised Windows machines to create a hidden Alpine Linux-based virtual machine that bypasses ...
Bleeping Computer

NPM nukes NodeJS malware opening Windows, Linux reverse shells

NPM has removed multiple packages hosted on its repository this week that established connection to remote servers and exfiltrated user data. These 4 packages had collected over 1,000 total downloads ...
CSO Online

Russian APT abuses Windows Hyper-V for persistence and malware execution

Recently documented Curly COMrades group bypasses traditional host-based EDR solutions by spinning up VMs with deceptive ...
ZDNet

Three npm packages found opening shells on Linux, Windows systems

Three JavaScript packages have been removed from the npm portal on Thursday for containing malicious code. According to advisories from the npm security team, the three JavaScript libraries opened ...