Anti-cloud malware detected
Bohu uses a number of techniques to get around cloud-based anti-virus, researchers discover.
A piece of malware specifically targeting anti-virus technology protecting the cloud has been spotted.
At the current time, the Bohu Trojan is native to China and uses social engineering to infect systems, Microsoft discovered.
"Bohu attracts user installation by social engineering techniques, for example, using attractive file names and dropping a fake video player named Bohu high-definition video player,'" a blog post on the Microsoft Malware Protection Centre states.
"The more interesting part of Bohu is that the malware blocks cloud-based services now commonly featured in major Chinese antivirus products."
To evade cloud anti-virus technology, Bohu has been seen using a variety of techniques.
For instance, to sneak passed hash-based detections, Bohu was seen modifying files, writing "random junk data into the end of its key payload components."
One security expert has suggested the attack will only damage the security reputation of cloud computing.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
"The security of information in the cloud has had a question mark over it for some time," said Alan Bentley, senior vice president of international at Lumension.
"This attack will only serve to fuel further concerns regarding the safety of storing information virtually."
Bentley said the malware also indicates anti-virus alone is not enough to protect systems.
"Relying on Anti-Virus solutions has proven ineffective time and time again," Bentley added.
"A more intelligent approach to security would serve to prevent against attacks like Bohu. Only by allowing code that is known to be good to enter a network, can organisations make sure they are truly protected."
Security has been an issue preventing companies jumping on the cloud computing bandwagon for some time.
Nevertheless, Ovum recently suggested the UK Government will ramp up its cloud computing use this year.
Tom Brewster is currently an associate editor at Forbes and an award-winning journalist who covers cyber security, surveillance, and privacy. Starting his career at ITPro as a staff writer and working up to a senior staff writer role, Tom has been covering the tech industry for more than ten years and is considered one of the leading journalists in his specialism.
He is a proud alum of the University of Sheffield where he secured an undergraduate degree in English Literature before undertaking a certification from General Assembly in web development.