0

Is my VirtualBox setup fine for running a potential virus/malware?

Here's the screenshot of my settings - CLICK

Shared clipboard and drag n drop are off.

Let me know if anything else is required.

multithr3at3d
  • 12,529
  • 3
  • 31
  • 43
WLTY
  • 11
  • 1
  • VirtualBox is vulnerable so I guess it depends on whether the virus/malware includes a virtual machine exploit: https://www.bleepingcomputer.com/news/security/virtualbox-zero-day-vulnerability-details-and-exploit-are-publicly-available/ – pcalkins Aug 21 '20 at 18:38

1 Answers1

0

In general VM environment is a sandbox (isolated environment). However, it comes with caveats. If your VM is connected to the local network, the Virus or Malware can use it as an attack vector to infect other hosts on the network. So you should consider disconnecting your VM from any type of network and or virtual interfaces. Another factor worth considering is that escaping sandbox is difficult but not impossible so depending on the type of Virus/Malware it may affect the host machine and other connected devices utilizing vulnerabilities of the sandbox environment.

I would advise using a separate dedicated offline machine for running the sandboxed environment, a machine that you can reformat after finished testing, preferably something with capabilites for flashing the BIOS to avoid any surprises.

nethero
  • 492
  • 2
  • 6