Hyper-V
Researchers: Russian-linked group used Hyper-V to hide Alpine VM and bypass endpoint security
Bitdefender and Georgia CERT say Curly COMrades abused Hyper-V to run a hidden Alpine VM hosting custom implants CurlyShell and CurlCat, bypassing endpoint security and using host networking to mask malicious traffic; researchers published IoCs on GitHub.
RedCurl Cyberspies Adopt Ransomware Tactics Targeting Hyper-V Servers
RedCurl, a cyber-espionage group known for corporate intrusions, has shifted tactics by deploying ransomware designed to encrypt Hyper-V virtual machines. This marked change in operational strategy raises questions about the group's intentions and objectives.