Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

There's ways. Detecting whether tools like VMWare/Virtualbox are installed, whether certain drivers are installed, checking the hardware listings etc. etc.

Malware is quite a good study subject about this question. There's a lot of malware that won't run if it's in a virtual machine to avoid researchers from testing it inside one.



And is there VM software used for malware research, that employs counter-countermeasures, e.g. generating drivers with randomized names/IDs; randomizing the hypercall op for the VM and then rewriting the deployed drivers to use that op; etc?

Or, are there modes for emulators like qemu/bochs, where they'll run entirely with "real" (LLE-emulated) hardware?


So, running a Windows VM inside a Windows VM is the safest option?


And games, which these days employ tactics similar to malware.


Do you have a reference that is runnable in this emulator? (Genuinely curious.)


https://github.com/LordNoteworthy/al-khaser#anti-virtualizat...

https://github.com/AlicanAkyol/sems

(dunno if these would build/run on win98 though)




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: