poincaredisk 1 day ago

I find that hard to believe. Bochs is trivial to detect, unless you heavily patch it, and then it's still detectable (for example, by leveraging known bugs/mismatches with real CPUs). And that's just the tip of the iceberg as far as antivm goes.

But I agree that many detectors used by malware don't expect Bochs and thus don't detect it.

jchw 1 day ago

Actually, I believe it's true. It's not that detecting Bochs is necessarily hard, it's just that it's probably not on most people's radars. I had similar success evading anti-VM detection by just simply using Qemu (without KVM) instead of VMware a while ago. (Long enough ago that I still used VMware, I suppose.)

If there were an anti-VM cat-and-mouse game with Qemu/Bochs/etc. that evolved beyond primitive string searches and the like, CPU emulation would likely do a lot better against anti-VM technology. I suspect this is the same thing that makes Unicorn Engine and Qiling fairly effective for analyzing obfuscated code.

ronsor 1 day ago

> leveraging known bugs/mismatches

What if a real CPU ends up having a similar bug? The more detection tricks you try, the higher the rate of false positives will be.

Bochs emulation side-steps most VM detection because it's not a VM. You can't even use the CPUID/VMEXIT timing detection trick because it's all emulated.

anthk 1 day ago

Bochs can use several BIOSes other than its own.