Bleeping Computer

Russian hackers abuse Hyper-V to hide malware in Linux VMs

The Russian hacker group Curly COMrades is abusing Microsoft Hyper-V in Windows to bypass endpoint detection and response solutions by creating a hidden Alpine Linux-based virtual machine to run ...
CSOonline

Russian APT abuses Windows Hyper-V for persistence and malware execution

Recently documented Curly COMrades group bypasses traditional host-based EDR solutions by spinning up VMs with deceptive names using Windows’ own bare-metal hypervisor. Cyberespionage groups are ...