A new threat is attacking Windows without being detected.


Hello, how are you? Security is a fundamental concern for all users of an operating system. In fact, this aspect has been strongly criticized in Windows 10. However, security tools have been improving their effectiveness over time. Similarly, Microsoft strives to increase the privacy and security of its operating system. Nevertheless, hackers are also refining their methods to bypass protection. I recently told you about a new type of ransomware that steals information in Windows 10. Today I’m telling you about a threat called BILOAD. This threat attacks Windows without being detected.

BILOAD, a new undetectable threat for Windows 10

Windows 10 is the operating system with the most users worldwide. Consequently, it is the main target of attackers, who logically seek to harm the greatest number of users. For that reason, this threat is designed to affect Microsoft’s operating system. An interesting and especially dangerous element of this threat is that it is really difficult to detect, since its operation is similar to that of FIN7’s BOOSTWRITE tool. It is based on the way Windows searches for the DLLs of the applications being executed. In this case, BOOSTWRITE uses the legitimate Dwrite.dll.

We could say that BILOAD is the evolution of BOOSTWRITE. Both threats use the same code base and open the Carbanak backdoor. Similarly, they take advantage of the way Windows searches for the DLLs needed to load a program. Specifically, attackers exploit the DLL lookup by placing a fake version of WinBio.dll in the same folder as FaceFodUninstaller, %WINDIR%\System32\WinBioPlugIns. In this way, they place the file necessary to have elevated privileges on the victim’s computer. For now, this threat only affects Windows 10 64-bit operating systems.
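A defender's check for the DLL lookup abuse described above, as an added example that is not part of the original article: it generalizes from WinBio.dll to any DLL in the WinBioPlugIns folder whose name also exists in System32, and reports its signature status and hash for triage. The function name `Find-ShadowedDll` and the use of %WINDIR%\System32 as the reference directory are assumptions.

```powershell
# Added example, not from the original article.
# Assumption: a DLL in the application folder that has the same name as a DLL
# in %WINDIR%\System32 is a candidate for search-order hijacking and needs review.
function Find-ShadowedDll {
    param(
        # Folder named in the article (home of FaceFodUninstaller)
        [string]$AppDir    = (Join-Path $env:windir 'System32\WinBioPlugIns'),
        # Reference location for the genuine system DLLs (assumption)
        [string]$SystemDir = (Join-Path $env:windir 'System32')
    )

    Get-ChildItem -LiteralPath $AppDir -Filter '*.dll' -File -ErrorAction SilentlyContinue |
        ForEach-Object {
            $systemCopy = Join-Path $SystemDir $_.Name
            # Only report files that shadow a DLL of the same name in System32
            if (Test-Path -LiteralPath $systemCopy -PathType Leaf) {
                $sig = Get-AuthenticodeSignature -LiteralPath $_.FullName
                [pscustomobject]@{
                    Path        = $_.FullName
                    ShadowsFile = $systemCopy
                    SigStatus   = $sig.Status                      # Valid, NotSigned, HashMismatch, ...
                    Signer      = $sig.SignerCertificate.Subject   # empty when unsigned
                    CreatedUtc  = $_.CreationTimeUtc
                    SHA256      = (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256).Hash
                }
            }
        }
}

# Run from an elevated prompt so the folder is readable.
$hits = @(Find-ShadowedDll)
if ($hits.Count -eq 0) {
    'No DLL in WinBioPlugIns shadows a System32 DLL.'
} else {
    $hits | Format-List
}
```

Any hit deserves a closer look, and one whose `SigStatus` is not `Valid` or whose signer is not Microsoft should be treated as suspicious.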

Most antivirus programs do not detect BILOAD.

As mentioned at the beginning, the behavior of this threat makes it almost undetectable. This represents a major problem, since most users rely on their antivirus suite for protection. For that reason, additional measures need to be taken. First, the user must use common sense. Most of these problems are caused by misuse of the system: for example, downloading software from unofficial sources, opening unreliable email attachments, or browsing websites of dubious reputation. It is vital to use common sense and not to put the computer at risk.

Additionally, it is highly recommended to keep the operating system correctly updated. Sometimes, vulnerabilities arise that are exploited by hackers. In the final analysis, we’ve seen this threat attack Windows without being detected. I hope that with this advice, you will be vigilant in protecting the operating system from this silent threat. That’s all for now. I’ll see you soon.
