QEMU abused to evade detection and enable ransomware delivery

The use of hidden virtual machines (VMs) enables long-term access, credential harvesting, data exfiltration, and PayoutsKing ransomware deployment

Categories: Threat Research

Tags: virtual machine, QEMU, PayoutsKing, GOLD ENCOUNTER, CitrixBleed2









