Curly COMrades: Evasion and Persistence via Hidden Hyper-V Virtual Machines

This investigation, conducted with support from the Georgian CERT, uncovered new tools and techniques used by the Curly COMrades threat actor. It established covert, long-term access to victim ...
CSO Online

Russian APT abuses Windows Hyper-V for persistence and malware execution

Recently documented Curly COMrades group bypasses traditional host-based EDR solutions by spinning up VMs with deceptive ...