3

I have a little doubt about the security of my virtual machine and Windows. Can anyone please point me in right direction?

Below is my what, how and why I made my virtual machine.

Let me tell you what I build first. I build an encrypted Virtual machine using:

VeraCrypt (for encrypting the machine) VirtualBox (to build the virtual machine) Lubuntu (Linux OS inside virtual machine) I also encrypt the drive where VeraCrypt is added with BitLocker. I have recently installed Windows 10 with Bitdefender Total Security and recently bought VPN as well.

This is the guide I use to how I build it:

https://bittox.com/2017/10/04/create-encrypted-virtual-machine-managing-cryptocurrency-portfolio/

WHY I build it :- The reason I build it because recently one of my friend got hacked and lost 90% of his saving of cryptocurrency.

I don't want to loose as well so I'm asking few questions:

If I have 2 months old laptop with 2 months old Windows 10 installation with Bitdefender total security from start. Can I still have keylogger on my laptop? I used Hitmanpro & malwarebytes as well and it is showing clean.

If I have keylogger (software not hardware) can it still track what I type in Virtual Machine, keeping in mind I forbid to take snapshot, copy paste from Windows 10 to VM or vice versa.

I have encrypted my drive with BitLocker in which I keep Vera file which has virtual machine encrypted. Can someone clone my vera file without my notice? Keeping in mind I'm on VPN and I change VPN frequently, almost every 1 hour and my upload bandwidth is as low as 512Kbps.

Can anyone point me to add additional security if there is something I miss?

What are the services I should close in Windows 10 so that any malware keylogger cannot send data without my knowledge? Any useless services which is better being closed on my Windows 10 laptop?

Note: I'm not keeping crypto pvt keys on virtual machine as well.

IF anyone can help do point me as I'm not a professional security expert. Should I remove some of services from my Windows to keep it more secure? Also my ASUS laptop has inbuilt apps should I delete them as well?

Thanks for pointing out anything

Community
  • 1
user3526312
  • 31
  • 1
  • Yes, a keylogger installed on the host machine can record what you enter in the virtual machine https://security.stackexchange.com/questions/109709/keystroke-logging-and-virtual-machines – Limit Mar 19 '18 at 20:40
  • AFAIK, bitlocker would not be useful if some malicious app is running as your user. That app can open a file for read and copy it. – Limit Mar 19 '18 at 20:43
  • As for closing services, I guess you can follow the hardening guidelines that organizations follow for employee laptops – Limit Mar 19 '18 at 20:52

0 Answers0