Overclock.net › Forums › Software, Programming and Coding › Operating Systems › What is VMWARE used for?
New Posts  All Forums:Forum Nav:

What is VMWARE used for? - Page 2

post #11 of 12
Quote:
Originally Posted by The Hundred Gunner View Post

It can be used for malware analysis. Boot up your VM, get it infected, see what it does, and then when you're finished, revert to a snapshot.

It protects (you hope) your host OS from becoming infected and saves time because you don't have to reinstall the guest every time you infect it.

A security contact of mine recently told me some malware will self-delete when it detects it's run under a VM environment and some malware is capable of jumping ship. Scary stuff.
post #12 of 12
Quote:
Originally Posted by SwitchFX View Post

A security contact of mine recently told me some malware will self-delete when it detects it's run under a VM environment and some malware is capable of jumping ship. Scary stuff.

I've seen that happen before. The malware might query registry keys that are signatures of VMWare software (usually those additions you install onto the guest system to get extra features like seamless mode between your host and guest OSs), and if it finds them, then it will behave differently. Sometimes this can be subverted by simply not installing those additions and extra features.

And of course there may be vulnerabilities in the VM software itself, allowing well-crafted malware to affect the host OS. It's always said that if you're going to use a computer for malware analysis, then simply consider it compromised no matter what safety measures you think you have.
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Operating Systems
Overclock.net › Forums › Software, Programming and Coding › Operating Systems › What is VMWARE used for?