Chinese Trojan blocks cloud-based security defences

Miscreants have released a Trojan specially designed to disable cloud-based anti-virus security defences. Bohu blocks connections between infected Windows devices and the cloud anti-virus services in place to protect them. Malware writers have long included routines to disable components of desktop anti-virus software packages or …

COMMENTS

This topic is closed for new posts.
Joke

Er...

"Only by allowing code that is known to be good to enter a network..."

Surely, that will exclude most of Microsoft's stuff?


Yep.

Most of Microsoft's stuff. Almost all of Linux. And no one runs Apple stuff on anything but toys these days so we don't need to consider that.

OS code aside, The Register would lose half its stories if drone workers didn't find ways of circumventing security and running stuff they weren't supposed to or copying data they shouldn't.

For the sake of the Reg, keep networks open!


Wouldn't matter.

Even if code was whitelisted, exploiters have been known to find ways to turn good programs bad (look up Return-Oriented Programming).


Whitelisting none too practical

Problem with whitelisting is that you have to pay someone like Verisign to auth your code, and that is impractically expensive for small utilities.

Since it seems this malware would have to gain a foothold on the client computer before it can block cloud access, an alternative approach is to limit where, on disk, apps can be launched from, excluding from this definition any download or temp folder.

http://sf.net/projects/softwarepolicy is quite effective in this role (Shameless plug, actually, being as I am the coder <g>)

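The path-based launch restriction described in the comment above, sketched as an added example; it is not part of the original thread and is not code from the linked project. The rule lists and function names are constructed for illustration, and matching is purely textual, so junctions, symlinks and 8.3 short names are not resolved (unrecognised forms fall through to the default deny).

```python
import ntpath  # Windows path semantics, usable on any OS

# Constructed example policy (an assumption, not the linked project's rules):
# trees that only administrators can write to are launchable; user-writable
# trees such as profiles (Downloads, AppData\Local\Temp) and Windows\Temp are not.
ALLOWED_ROOTS = [r"C:\Program Files", r"C:\Program Files (x86)", r"C:\Windows"]
BLOCKED_ROOTS = [r"C:\Windows\Temp", r"C:\Users"]


def _canon(path):
    """Collapse '..', '.', '/' and letter case so rules compare like with like."""
    return ntpath.normcase(ntpath.normpath(path))


def _is_under(path, root):
    """True if path is root itself or lies inside it, matching whole components.

    Appending the separator stops 'C:\\Program Files Evil' from matching
    the 'C:\\Program Files' rule by simple string prefix.
    """
    path, root = _canon(path), _canon(root)
    return path == root or path.startswith(root.rstrip("\\") + "\\")


def launch_allowed(exe_path):
    """Default deny: absolute path, outside every blocked root, inside an allowed one."""
    if not ntpath.isabs(exe_path):
        return False  # relative paths depend on the current directory
    if any(_is_under(exe_path, root) for root in BLOCKED_ROOTS):
        return False  # blocked rules win over allowed parents
    return any(_is_under(exe_path, root) for root in ALLOWED_ROOTS)


if __name__ == "__main__":
    # Constructed sample paths
    for sample in (
        r"C:\Program Files\App\app.exe",
        r"C:\Users\bob\Downloads\setup.exe",
        r"C:\Program Files\..\Users\bob\AppData\Local\Temp\a.exe",
        r"C:\Program Files Evil\a.exe",
    ):
        print(("ALLOW" if launch_allowed(sample) else "DENY "), sample)
```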

re: Er...

This would be a problem how and why?


twas a joke, sir!

Well, I think it was.


re re er

Hell, you don't do irony, do you?

FAIL

Quote:

"It is the first designed to target anti-virus technology that is protecting the cloud. Add to that the fact that it is native to China, and we are seeing yet another new wave of targeted cyber attacks."

Looks like the guy didn't understand peep about it...

It is not targeting AV that is protecting the cloud, but drawing protection FROM the cloud.

And one piece of malware that is not even that widespread does not make a "cyber attack".

Fu**ing "computer security" populists and self-proclaimed "experts".

Troll

Bentley?

Not only is he talking utter bullshite, but I sense a hidden agenda here.


Wow

Bad guys realized if people kept all their eggs in one basket they could get more people at once!!!

Joke

route add -net ........

One of the oldest tricks in the book. Used by network admins to get overtime since 1989 (in a specific case).
