Tuesday, April 21, 2009

mal-machine mark 1

Reuven at Elastic Vapor posted Introducing The Virtual Machine Trojan on a PoC tool called ViMtruder. It demonstrates Kris Buytaert's concerns on portability of malicious code inside VMs, but I still believe that downloading a random VM from an untrusted source without doing your due diligence is asking for trouble, whether or not this trojan was available.

2 comments:

  1. How is this any different from any other piece of software created since the start of [unix] time?

    Sam

    ReplyDelete
  2. Sam - you're absolutely right, it's not, that's the point - I don't think the trojan in a VM makes any difference. If people are willing to download code (or a VM) from an untrusted source, the existence of ViMtruder doesn't make you any worse off security wise.

    ReplyDelete