Malware dubbed AcidBox has been identified by researchers who say a mysterious cybergang used it twice against Russian organizations as far back as 2017. In a report released Wednesday, Palo Alto Networks Unit 42 sheds new light onto attacks against VirtualBox that used the AcidBox malware. Despite the bug (CVE-2008-3431) fix, only one of two vulnerabilities were patched in 2008. The Turla Group attacks also focused on VirtualBox s VirtualBox drivers, but the second vulnerability is still unpatched.
Source: https://threatpost.com/acidbox-malware-uncovered-using-repurposed-virtualbox-exploit/156653/