Guidelines How to perform dynamic malware testing [for Hub testers]

Discussion in 'Malware Analysis' started by LabZero, Jan 16, 2016.

  1. Opcode

    Opcode Level 24
    Content Creator

    Aug 17, 2017
    Windows 10
    Always disable drag and drop before testing malware in the VM :)

    All these Guest -> Host and Host -> Guest features are large attack vectors because they actually provide functionality for the communication. Would not be surprised if a government agency already figured out how to exploit it with some sort of attack like exploitation of the ROP chain. A VM will never be bullet-proof but I doubt any single individual here will encounter a VM escape if it's secured by disabling such features like the drag and drop, shared clipboard, shared folders, etc. :)

    You can also use a Linux system with no hard-disk which boots off a USB as a precaution against hardware firmware hacking LOL. I've never done it but I know you definitely can.

    The issue, I think, is vulnerabilities in the CPU chips which cause so much hassle with virtualisation security. Have you seen the latest Intel vulnerability news? It's all over the news now. And Virtual Machines are only possible because of usage of technology which is implemented into the CPU hardware (Intel VT-x, AMD SVM, etc). However, AMD seems to be quite safe compared to Intel IMO.
    harlan4096, Andy Ful and silversurfer like this.
  2. boredog

    boredog Level 9

    Jul 5, 2016
    Windows 10
    Yes I do this on a laptop.

    I just saw a story about Intel this morning but have not read it yet.
    Opcode likes this.
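
The first post's advice to turn off drag and drop, the shared clipboard and shared folders can be checked against a VM's configuration file before a sample is run. The following is an added example, not part of the thread: it assumes a VMware Workstation/Player `.vmx` file (the thread names no hypervisor), treats a feature as enabled unless its `isolation.tools.*.disable` key is `TRUE`, and uses a constructed sample config.

```python
import re

# Assumed hypervisor: VMware Workstation/Player, whose .vmx files hold one
# key = "value" pair per line. Each channel is treated as enabled unless its
# "disable" key is explicitly TRUE (assumption: desktop defaults).
DISABLE_KEYS = {
    "drag and drop": "isolation.tools.dnd.disable",
    "clipboard copy": "isolation.tools.copy.disable",
    "clipboard paste": "isolation.tools.paste.disable",
    "shared folders (HGFS)": "isolation.tools.hgfs.disable",
}
LINE_RE = re.compile(r'^\s*([^#\s=]+)\s*=\s*"(.*)"\s*$')
SHARE_RE = re.compile(r"^sharedfolder\d+\.present$")

def parse_vmx(text):
    """Return {lowercased key: value} for every key = "value" line."""
    settings = {}
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            settings[m.group(1).lower()] = m.group(2)
    return settings

def open_channels(text):
    """List the guest<->host features that are still enabled in this config."""
    cfg = parse_vmx(text)
    findings = [name for name, key in DISABLE_KEYS.items()
                if cfg.get(key.lower(), "FALSE").upper() != "TRUE"]
    # A share that is defined and marked present is reported by its slot name.
    shares = sorted(k.split(".")[0] for k, v in cfg.items()
                    if SHARE_RE.match(k) and v.upper() == "TRUE")
    findings += [f"configured share: {s}" for s in shares]
    return findings

# Constructed sample config (not taken from any real VM).
SAMPLE_VMX = '''
displayName = "malware-lab"
isolation.tools.dnd.disable = "TRUE"
isolation.tools.copy.disable = "FALSE"
sharedFolder0.present = "TRUE"
sharedFolder0.hostPath = "C:\\samples"
'''

if __name__ == "__main__":
    for finding in open_channels(SAMPLE_VMX):
        print("still enabled:", finding)
```

An empty result means every channel covered by the check is explicitly disabled and no shared folder is marked present.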