Jump to content


Photo

Any malware that can break out of vmware?


  • Please log in to reply
1 reply to this topic

#1 nl255

nl255

    Member

  • Full Member
  • Pip
  • 54 posts

Posted 24 October 2004 - 08:21 AM

I was wondering if there was any know adware/spyware/malware that can break out of a vmware session and infect the host OS. Apparently ezula, netpal, toprebates, gain, and new.net are not capable of that, and can be killed easily if the c: drive is a nonpersistant disk (all changes are discarded after powering down the VM). Supposedly there was an old DOS virus that could infect Macs if it was run under old versions of RealPC or SoftWindows, but it is possible that vmware provides a more isolated environment than those did.

#2 Misereor

Misereor

    Member

  • Full Member
  • Pip
  • 84 posts

Posted 25 October 2004 - 01:25 AM

Any malware that isn't stored on the WMWare virtual partition could potentially do it, if your other OS accesses the infected area.

That would mean bootsector- or firmware-vira.
(both of which are quite rare.)

<edit>
And ofcourse also any malware which spreads certain parts of the infection to network shares and such. What is relevant is that the malware is accessible by other OS'es.
</edit>

Edited by Misereor, 25 October 2004 - 01:30 AM.





Member of UNITE
Support SpywareInfo Forum - click the button