Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

How to avoid infection in host when I run malware in VM?


  • Please log in to reply
4 replies to this topic

#1 sabino65

sabino65

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:01:33 PM

Posted 22 June 2018 - 03:43 AM

I have W10 as host and a Oracle VM Virtual Box Versión 5.2.12 r122591 (Qt5.6.2) with W10, too. I am going to infect the VM with malware. After, I will delete it and I will restart from a backup. But I don't want my host be infected...

 

How to avoid? I will close shared folders and I will disconnect network device, but I need shared copy/paste text between both systems.

Is it enough? Or ever there is risk of infection?

 

Thanks in advance.


Edited by hamluis, 22 June 2018 - 06:00 AM.
Moved from VMs to General Security - Hamluis.


BC AdBot (Login to Remove)

 


#2 midimusicman79

midimusicman79

  • Members
  • 687 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Norway
  • Local time:01:33 PM

Posted 23 June 2018 - 11:00 AM

Hi, sabino65!

Unless you are a security researcher, analyzing malware is risky, so do not do it. :exclame:

Security researchers use Virtual Machines to analyze malware, but that does not imply that any normal (unskilled in malware analysis) computer user could do the same.
 
Because, some malware could even escape the Virtual Machine, and then security researchers know how to handle it, but normal computer users do not.

And as such, you risk infecting your host (computer) with malware. :exclame:

You are welcome! :)

Regards,
midimusicman79

Edited by midimusicman79, 24 June 2018 - 09:21 AM.

MS Win 10 Pro 64-bit, EAM Pro/EEK, MB 3 Free, WPP, SWB Free, CryptoPrevent Free, NVT OSA and Unchecky, WFW, FFQ with uBO, Ghostery, Grammarly Free and HTTPS Ew. Acronis TI 2018, K. Sw. Upd. AM-tools: 9-lab RT BETA, AdwCleaner, Auslogics AM, aswMBR, Avira PCC, BD ART, catchme, Cezurity AV, CCE, CKS, ClamWin P., Crystal Sec., DDS, DWCI, EMCO MD, eScan MWAV, ESS/EOS, FGP, FMTB, FRST, F-SOS, FSS, FreeFixer, GMP, GMER, hP BETA, HJT, Inherit, JRT, K. avz4, KVRT, K. TDSSKiller, LSP-Fix, MB 3 Free, MBAR BETA, MA Stinger, NMC, NoBot, NPE, NSS, NVT MRF (NMRF), OTL, PCC, QD, RCS, RSIT, RKill, Rs, SC, SR, SAP, SVRT, SAS, SL, TMHC, TSA ART, UHM, Vba32 AR, VRS, WR (AiO), Xvirus PG, ZAM, ZHPC, ZHPD and Zoek. I have 23 Years of PC Experience. Bold = effective.


#3 sabino65

sabino65
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:01:33 PM

Posted 25 June 2018 - 03:51 AM

Thanks midimusicman79.



#4 CharlieMonk

CharlieMonk

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:11:33 AM

Posted 20 July 2018 - 07:52 PM

If you run it as a level 1 hypervisor, it's much harder for malware to escape the virtual machine. Level 1 hypervisors run on the hardware, level 2 hypervisors run on the underlying software (os). Because of this, level 2 hypervisors are easier to escape and gain access over the computer.



#5 sabino65

sabino65
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:01:33 PM

Posted 21 July 2018 - 02:44 AM

Thanks CharlieMonk. I have read about hypervisor levels. I think Oracle VM is level 2... 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users