In the security field, virtual machines (VM) have been used for many years and are popular among researchers because malware can be executed and analyzed on them without having to reinstall production systems every time. As we previously discussed, these tests can be done manually or on automated systems, with each method providing different benefits or drawbacks. Every artifact is recorded and a conclusion is made to block or allow the application. For similar reasons, sandbox technology and virtualization technology have become a common component in many network security solutions. The aim is to find previously unknown malware by executing the samples and analyzing their behavior.
However, there is an even bigger realm of virtual systems out there. Many customers have moved to virtual machines in their production environment and a lot of servers are running VM, performing their daily duty with real customer data.
This leads to a common question when talking to customers: “Does malware detect that it is running on a virtual system and quit?”
more here................http://www.symantec.com/connect/ko/blogs/does-malware-still-detect-virtual-machines
However, there is an even bigger realm of virtual systems out there. Many customers have moved to virtual machines in their production environment and a lot of servers are running VM, performing their daily duty with real customer data.
This leads to a common question when talking to customers: “Does malware detect that it is running on a virtual system and quit?”
more here................http://www.symantec.com/connect/ko/blogs/does-malware-still-detect-virtual-machines