3

I am using Windows 10 Home edition (Fall Creators Update), 750 GB HDD. I use Oracle VirtualBox, and I have two virtual machines there: Windows 7 (32-bit) and Ubuntu 14.04.5. I will do malware analysis inside the virtual machines. I will run malware and analyze it. The malware can be a worm, trojan, virus, etc.

Is it possible to keep my host (Windows 10) completely safe from the malware-infected virtual machines? If yes, how do I do that?

If my infected virtual machines use the same wifi connection as my host, is there any chance for my host to get infected?

Anders
danver
  • See https://reverseengineering.stackexchange.com/questions/2513/malware-in-virtual-machines and https://reverseengineering.stackexchange.com/questions/23/how-can-i-analyze-a-potentially-harmful-binary-safely – julian Nov 19 '17 at 15:38
  • "Completely safe" is not a thing, except *maybe* for airgapped keygen systems that never leave a Faraday cage. – Kevin Nov 19 '17 at 19:53

1 Answer

2

No, it is not possible to keep your host completely safe by using a VM. And at this year's Pwn2Own competition, a guest-drive-by to host system privileges exploit chain was shown.

Yet, for analysis of "regular" malware, the risk is not as high.

Also, if an exploit in the networking stack is found, this might also infect your host.

Best practice: have a dedicated VM host machine that doesn’t contain any information.

guest
Tobi Nary