Bohu, a new type of malware, is attacking cloud-based Anti-Virus (AV) technology from popular suppliers in Chi...
Bohu (TrojanDropper:Win32/Bohu.A) attracts user installation by social engineering techniques, according to the Microsoft Malware Protection Center (MMPC).
The techniques include using attractive file names and dropping a fake video player named "Bohu high-definition video player".
Bohu is designed to block cloud-based services now commonly featured in major Chinese antivirus products.
Cloud-based virus detection works using a client to send important threat data to the server for back-end analysis, and subsequently acquiring further detection and removal instructions.
The process is designed to remove malware not handled by the traditional on-the-box signature approach, but Bohu tries to sever the communication between cloud client and server, and constantly modify file content of its components to evade detection.
Bohu is part of the first wave of malware that specifically targets cloud-based antivirus technology, said the MMPC.
Alan Bentley, senior vice-president at security firm Lumension, said the security of information in the cloud has had a question-mark over it for some time.
"This attack will only serve to fuel further concerns regarding the safety of storing information virtually," he said.
According to Bentley, with cyber-criminals now targeting security defences, a different approach to safeguarding data is required.
"Relying on anti-virus solutions has proven ineffective time and time again. A more intelligent approach to security would serve to prevent attacks like Bohu. Only by allowing code that is known to be good to enter a network, can organisations make sure they are truly protected," he said.