Anti-cloud malware detected

gallery

A piece of malware specifically targeting anti-virus technology protecting the cloud has been spotted.

At the current time, the Bohu Trojan is native to China and uses social engineering to infect systems, Microsoft discovered.

“Bohu attracts user installation by social engineering techniques, for example, using attractive file names and dropping a fake video player named ‘Bohu high-definition video player,’” a blog post on the Microsoft Malware Protection Centre states.

“The more interesting part of Bohu is that the malware blocks cloud-based services now commonly featured in major Chinese antivirus products.”

To evade cloud anti-virus technology, Bohu has been seen using a variety of techniques.

For instance, to sneak passed hash-based detections, Bohu was seen modifying files, writing “random junk data into the end of its key payload components.”

One security expert has suggested the attack will only damage the security reputation of cloud computing.

“The security of information in the cloud has had a question mark over it for some time,” said Alan Bentley, senior vice president of international at Lumension.

“This attack will only serve to fuel further concerns regarding the safety of storing information virtually.”

Bentley said the malware also indicates anti-virus alone is not enough to protect systems.

“Relying on Anti-Virus solutions has proven ineffective time and time again,” Bentley added.

“A more intelligent approach to security would serve to prevent against attacks like Bohu. Only by allowing code that is known to be good to enter a network, can organisations make sure they are truly protected.”

Security has been an issue preventing companies jumping on the cloud computing bandwagon for some time.

Nevertheless, Ovum recently suggested the UK Government will ramp up its cloud computing use this year.

Email to a friend

Print this page