Portsuppe

QEMU abused to evade detection and enable ransomware delivery

Sophos X-Ops·85d·Reputable

The use of hidden virtual machines (VMs) enables long-term access, credential harvesting, data exfiltration, and PayoutsKing ransomware deployment Categories: Threat Research Tags: virtual machine, QEMU, PayoutsKing, GOLD ENCOUNTER, CitrixBleed2

Categories cybersecurity · government-security
Original source / advisory
Published
4/16/2026, 12:00:00 AM
Fetched
7/2/2026, 9:19:07 AM
Trust
reputable · 80/100
Language
en