ADVERTISEMENT

Hackers dodging security tools by dropping secret QEMU virtual machines inside Windows

Hackers are dodging Windows security tools by running secret Linux virtual machines with QEMU, an open-source virtualizer. Security researchers warn that hidden VMs enable long-term access, leading to stolen credentials and data, and to ransomware deployment.

QEMU on Windows

Image by Cybernews.

Ernestas Naprys
Ernestas Naprys Senior Journalist
Apr 17, 2026 Updated: 21 April 2026 2 min read
Jurgita Lapienyte justinasv Izabele Pukenaite vilius Ernestas Naprys Gintaras Radauskas
Don't miss our latest stories on Google News. Add us as your Preferred Source on Google
Add us as your Preferred Source on Google.
Microsoft Hyper-V virtualization, virtual machines
Image by Cybernews.

Two threat actors using this approach

ADVERTISEMENT
Has my data been leaked?

ADVERTISEMENT