Trojan Blocks Cloud Antivirus Security Technology
20 Jan 2011
eWeek.com, By Brian Prince
The Bohu Trojan has been seen attempting to block cloud-based technologies in anti-virus products.
Malware authors have their eyes on them too – something exemplified by the Bohu Trojan, which blocks connections from Windows machines to cloud anti-virus technologies to disable users’ defenses...
Among the sites the malware blocks traffic to is geo.kaspersky.com. According to Kurt Baumgartner, senior malware researcher at Kaspersky Lab, some of the techniques the Trojan uses are old, and have been around more than a decade. Simple “morphing with junk data is not a new method,” he said, adding the Trojan's behavior makes it easier to detect by client-side behavioral protections.