MITRE ATT&CK / T1062
T1062
Hypervisor
Description
**This technique has been deprecated and should no longer be used.**A type-1 hypervisor is a software layer that sits between the guest operating systems and system's hardware. (Citation: Wikipedia Hypervisor) It presents a virtual running environment to an operating system. An example of a common hypervisor is Xen. (Citation: Wikipedia Xen) A type-1 hypervisor operates at a level below the operating system and could be designed with [Rootkit](https://attack.mitre.org/techniques/T1014) functionality to hide its existence from the guest operating system. (Citation: Myers 2007) A malicious hypervisor of this nature could be used to persist on systems through interruption.
Platforms
Use our free MITRE ATT&CK lookup tool, or browse the full ATT&CK matrix.
Our coverage
- Attackers Abuse Bun JavaScript Runtime to Spread NWHStealer Infostealer
- Microsoft April 2026 Update Intentionally Blocks psmounterex.sys — Backup Apps Break
- DEEP#DOOR Python Backdoor Detection: YARA Rules, Network IOCs, and Credential Theft Defences
Source: MITRE ATT&CK Enterprise matrix. View on attack.mitre.org →