Interesting they would mention Casey Smith. Guess Kaspersky doesn't realize he has gone "dark", since the posted PoC link doesn't work.
This once again shows how important firewalls are. It doesn't really matter which process is being hijacked, as long as it can't connect out. Obviously, it only makes sense to hijack processes that need outbound access in order to function, like the browser and svchost.exe, but all other system processes need to be blocked from network access.