The Chinese have created a virus that blocks the connection of client PCs with cloud antivirus software.

The new Trojan, created by Chinese hackers, is aimed at blocking the work of cloud anti-virus services. Troyan, called Bohu, is distributed in a fairly simple way - as a free video player. Trojan detected by Microsoft Malware Protection Center. In principle, other Trojans are spread in a similar way - some in the form of defragmenters, others - as antiviruses, and still others - registry cleaners. In general, the way Trojan is distributed is quite ordinary, only the tasks of the antivirus are unusual - it blocks the connection of a regular PC with an antivirus cloud system.

Currently, the virus “works” only with Chinese cloud solutions, but we must think that this is only the first bird, and soon new versions may threaten products such as the KSN system from Kaspersky Lab. Such a system interacts with the data sent by users, which allows you to successfully deal with new dangers. Another fairly well-known product is Panda Security software, which blocks dangerous sites reported by users.
')
New technologies used by antivirus companies have forced hackers to switch to old methods of spreading viruses (recall the same Stuxnet, which is still a mystery to many computer security experts, but which is distributed mostly via USB-flash). Hackers will also work on new ways of spreading their viruses, or on new methods of combating their software with "cloud" antiviruses.

Bohu (or TrojanDropper: Win32 / Bohu.A) simply does not allow the user PC to send information to the “cloud”, and it does so imperceptibly. It is worth noting that the virus does not just block access to the site of the company that provides support for the antivirus, but blocks the online notification system.

Via Microsoft Malware Protection Center