Moreover, evasive attacks can identify the IP addresses of crawlers used by URL filtering, reputation services and search engines, replying to these engines with legitimate content and increasing the chances of mistakenly being classified by them as a legitimate category,
This sort of threat obviously would require a change in how security software works, requiring more real-time intervention. It would make specific threats harder to identify as well. Of course, it would also mean a server hosting malicious content would require more work as well, having to keep track of all previous visitors for a particular exploit. Interesting stuff.