Tuesday, April 21, 2009

mal-machine mark 1

Reuven at Elastic Vapor posted Introducing The Virtual Machine Trojan on a PoC tool called ViMtruder. It demonstrates Kris Buytaert's concerns on portability of malicious code inside VMs, but I still believe that downloading a random VM from an untrusted source without doing your due diligence is asking for trouble, whether or not this trojan was available.


  1. How is this any different from any other piece of software created since the start of [unix] time?


  2. Sam - you're absolutely right, it's not, that's the point - I don't think the trojan in a VM makes any difference. If people are willing to download code (or a VM) from an untrusted source, the existence of ViMtruder doesn't make you any worse off security wise.