It depends on whether the malware is a worm type that has programming to compromise LAN-type networks from the inside. Imagine your virtualbox sitting on your lan. Is your firewall on your host-OS configured well, and strong? Will the worm bypass it? It is possible yes, but you can protect yourself from it. Using a decent firewall and an intrusion detection system (IDS), as well as packet sniffing (see what the virtuabox does). Sandboxie is a good suggestion, but if you’re still paranoid (like me) you can also do the above.