A new threat is attacking Windows without being detected.

Hello, how are you? Security is a fundamental concern for all users of an operating system. In fact, this aspect has been strongly criticized in Windows 10. However, security tools have been improving their effectiveness over time. Similarly, Microsoft strives to increase the privacy and security of its operating system. Nevertheless, hackers are also refining their methods to bypass protection. I recently told you about a new type of ransomware that steals information in Windows 10. Today I’m telling you about a threat called BILOAD. This threat attacks Windows without being detected.

BILOAD, a new undetectable threat for Windows 10

Windows 10 is the operating system with the most users worldwide. Consequently, it is the main target of computer attackers, who logically seek to harm the greatest number of users. For that reason, this threat is designed to affect Microsoft’s operating system. An interesting and especially dangerous element of this threat is that it is really difficult to detect, since its operation is similar to that of FIN7’s BOOSTWRITE tool. That tool relies on the way Windows searches for the DLLs an application needs when it is executed. In this case, BOOSTWRITE uses the legitimate Dwrite.dll.

We could say that BILOAD is the evolution of BOOSTWRITE. Both threats use the same code base and deliver the Carbanak backdoor. Similarly, they take advantage of the way Windows searches for the DLLs needed to load a program. Specifically, attackers exploit the DLL lookup by placing a fake version of WinBio.dll in the same folder as FaceFodUninstaller, %WINDIR%\System32\WinBioPlugIns. In this way, they put in place the file they need to have elevated privileges on the victim’s computer. For now, this threat only affects Windows 10 64-bit operating systems.
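As a defensive check for the lookup abuse described above, the following added example (not from the original article) flags any DLL in a subfolder of the system directory that reuses the name of a DLL stored in the system directory itself and sits beside an executable. The function names, the `.exe` extension on FaceFodUninstaller and the sample tree with dummy file contents are assumptions made for illustration.

```python
import os
import tempfile
from pathlib import Path


def find_shadowing_dlls(system_dir: Path) -> list:
    """Flag DLLs in subfolders of system_dir that reuse the name of a DLL
    stored in system_dir itself and sit beside at least one .exe."""
    # Windows file names are case-insensitive, so compare lower-cased names.
    legit = {p.name.lower(): p for p in system_dir.iterdir()
             if p.is_file() and p.suffix.lower() == ".dll"}
    findings = []
    for root, _dirs, files in os.walk(system_dir):
        folder = Path(root)
        exes = sorted(f for f in files if f.lower().endswith(".exe"))
        if folder == system_dir or not exes:
            continue  # no program here whose DLL lookup could be redirected
        for name in sorted(files):
            original = legit.get(name.lower())
            if original is None:
                continue
            findings.append({
                "shadow": folder / name,
                "original": original,
                "executables": exes,
                # identical bytes suggest a plain copy; a mismatch needs triage
                "same_content": (folder / name).read_bytes() == original.read_bytes(),
            })
    return findings


def build_sample_tree(base: Path) -> Path:
    """Constructed stand-in for System32 (file contents are dummy bytes)."""
    sysdir = base / "System32"
    plugins = sysdir / "WinBioPlugIns"
    plugins.mkdir(parents=True)
    (sysdir / "WinBio.dll").write_bytes(b"legitimate library")
    (sysdir / "Dwrite.dll").write_bytes(b"another system library")
    (plugins / "FaceFodUninstaller.exe").write_bytes(b"program")
    (plugins / "winbio.dll").write_bytes(b"planted copy")
    (plugins / "unrelated.dll").write_bytes(b"no name collision")
    return sysdir


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for hit in find_shadowing_dlls(build_sample_tree(Path(tmp))):
            print(hit["shadow"], "shadows", hit["original"], hit["executables"])
```

On a real machine the function would be pointed at `Path(os.environ["WINDIR"]) / "System32"`; a hit is a lead to investigate (signature, origin, timestamps), not proof of compromise.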

Most antivirus programs do not detect BILOAD.

As mentioned at the beginning, the behavior of this threat makes it almost undetectable. This represents a major problem, since most users rely on their antivirus suite to be protected. For that reason, additional measures need to be taken. First, the user must have common sense. Most of these problems are caused by the misuse of the system: for example, downloading software from unofficial sources, opening unreliable email attachments, or browsing websites of dubious reputation. It is vital to use common sense and not to put the computer at risk.

Additionally, it is highly recommended to keep the operating system correctly updated. Sometimes, vulnerabilities arise that are exploited by hackers. In the final analysis, we’ve seen this threat attack Windows without being detected. I hope that with this advice, you will be vigilant in protecting the operating system from this silent threat. That’s all for now. I’ll see you soon.
