eWeek.com, By Brian Prince
Malware authors have their eyes on them too – something exemplified by the Bohu Trojan, which blocks connections from Windows machines to cloud anti-virus technologies to disable users’ defenses...
Among the sites the malware blocks traffic to is geo.kaspersky.com. According to Kurt Baumgartner, senior malware researcher at Kaspersky Lab, some of the techniques the Trojan uses are old, and have been around more than a decade. Simple “morphing with junk data is not a new method,” he said, adding the Trojan's behavior makes it easier to detect by client-side behavioral protections.