
Hackers Abuse QEMU for Defense Evasion in Ransomware Campaigns
Malware&ThreatsEvasionQEMUVM
Hackers have abused QEMU, a machine emulator, in at least two distinct campaigns to distribute ransomware and remote access tools as a defense evasion technique. The abuse of QEMU was identified in attacks but no specific threat actor groups, dates, or targeted regions were disclosed. No technical details such as malware families, infection vectors, or CVE identifiers were provided in the report. The primary impact involves leveraging QEMU to bypass security defenses while deploying malicious payloads. The campaigns highlight the misuse of legitimate emulation software for malicious purposes.