Chinese Trojan blocks cloud-based security defences

Miscreants have released a Trojan specially designed to disable cloud-based anti-virus security defences. Bohu blocks connections between infected Windows devices and the cloud anti-virus services in place to protect them. Malware writers have long included routines to disable components of desktop anti-virus software packages or …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Joke

    Er...

    "Only by allowing code that is known to be good to enter a network..."

    Surely, that will exclude most of Microsoft's stuff?

    1. Dave Cradle

      Yep.

      Most of Microsoft's stuff. Almost all of Linux. And no one runs Apple stuff on anything but toys these days so we don't need to consider that.

      OS code aside, The Register would lose half its stories if drone workers didn't find ways of circumventing security and running stuff they weren't supposed to or copying data they shouldn't.

      For the sake of the Reg, keep networks open!

    2. Charles 9

      Wouldn't matter.

      Even if code was whitelisted, exploiters have been known to find ways to turn good programs bad (look up Return-Oriented Programming).

      1. Anteaus

        Whitelisting none too practical

        Problem with whitelisting is that you have to pay someone like Verisign to auth your code, and that is impractically expensive for small utilities.

        Since it seems this malware would have to gain a foothold on the client computer before it can block cloud access, an alternative approach is to limit where, on disk, apps can be launched from, excluding from this definition any download or temp folder.

        http://sf.net/projects/softwarepolicy is quite effective in this role (Shameless plug, actually, being as I am the coder <g>)
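
A sketch of the path-based launch restriction described in Anteaus's comment above, as an added example that is not part of the thread and not code from the softwarepolicy project. The allowed roots, the denied folder names and the function names are assumptions chosen for illustration.

```python
import ntpath  # Windows path rules, usable on any OS

# Assumed policy for illustration: roots where launching is allowed, and
# folder names that are never launch locations, even under an allowed root.
ALLOWED_ROOTS = [r"C:\Program Files", r"C:\Program Files (x86)", r"C:\Windows"]
DENIED_DIR_NAMES = {"temp", "tmp", "downloads", "temporary internet files"}


def _canonical(path):
    """Unify separators, collapse '..' and fold case.

    This is purely lexical: junctions, symlinks and 8.3 short names are not
    resolved, so a short-name path simply fails to match an allowed root.
    """
    return ntpath.normcase(ntpath.normpath(path))


def _is_under(path, root):
    """True if path is root or inside it, compared on whole components."""
    try:
        return ntpath.commonpath([path, root]) == root
    except ValueError:  # different drives, or absolute mixed with relative
        return False


def launch_allowed(exe_path):
    """Decide whether a program at exe_path may be launched under the policy."""
    if not ntpath.isabs(exe_path):
        return False  # relative paths depend on the current directory
    path = _canonical(exe_path)
    folders = path.split("\\")[:-1]  # every component except the file name
    # Deny wins: a temp or download folder anywhere in the path blocks launch.
    if any(name in DENIED_DIR_NAMES for name in folders):
        return False
    return any(_is_under(path, _canonical(root)) for root in ALLOWED_ROOTS)
```

Comparing whole path components rather than string prefixes is what keeps a sibling folder such as `C:\Program Files Evil` from matching the `C:\Program Files` root.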

  2. Remy Redert

    re: Er...

    This would be a problem how and why?

    1. william henderson 1

      'Twas a joke, sir!

      Well, I think it was.

    2. Evil Auditor Silver badge

      re re er

      Hell, you don't do irony, do you?

  3. Anonymous Coward
    FAIL

    Quote:

    "It is the first designed to target anti-virus technology that is protecting the cloud. Add to that the fact that it is native to China, and we are seeing yet another new wave of targeted cyber attacks."

    Looks like the guy didn't understand peep about it...

    It is not targeting AV that is protecting the cloud, but drawing protection FROM the cloud.

    And one piece of malware that is not even that widespread does not make a "cyber attack".

    Fu**ing "computer security" populists and self-proclaimed "experts".

  4. Anonymous Coward
    Troll

    Bentley?

    Not only is he talking utter bullshite, but I sense a hidden agenda here.

  5. Lionel Baden

    Wow

    Bad guys realized if people kept all their eggs in one basket they could get more people at once !!!

  6. Anonymous Coward
    Joke

    route add -net ........

    one of the oldest tricks in the book. Used by network admins to get overtime since 1989 (in a specific case).
