FIN7 Hackers’ BIOLOAD Malware Drops Fresher Carbanak Backdoor

Malware researchers have uncovered a new tool used by the financially motivated cybercriminal group known as FIN7 to load fresher builds of the Carbanak backdoor.

Dubbed BIOLOAD, the malware loader has a low detection rate and shares similarities with BOOSTWRITE, another loader recently identified to be part of FIN7’s arsenal.

Abusing legitimate Windows methods

The malware relies on a technique called binary planting, which abuses the way Windows searches for the DLLs a program needs to load. An attacker can use it to escalate privileges on the system or achieve persistence.
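A defender-side check for the binary planting described above, as an added example that is not from the original article: it walks an assumed DLL search order (application folder before the system folder) and reports any DLL that would load ahead of the system copy with the same name. The directory layout, file names and function names are constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256(path: Path) -> str:
    return hashlib.sha256(path.read_bytes()).hexdigest()


def list_dlls(directory: Path):
    # Match the extension case-insensitively, as Windows does.
    return sorted(p for p in directory.iterdir() if p.suffix.lower() == ".dll")


def find_shadowed_dlls(search_order, trusted_dir):
    """Report DLLs that resolve from a directory searched before trusted_dir.

    search_order: directories in the order the loader is assumed to try them.
    trusted_dir:  system directory whose copies are treated as legitimate.
    """
    trusted_dir = Path(trusted_dir)
    trusted = {p.name.lower(): p for p in list_dlls(trusted_dir)}
    findings, resolved = [], set()
    for directory in map(Path, search_order):
        if directory == trusted_dir:
            break  # from here on the trusted copy is the one that loads
        for dll in list_dlls(directory):
            name = dll.name.lower()
            if name in trusted and name not in resolved:
                resolved.add(name)  # first hit in the search order wins
                findings.append({
                    "name": name,
                    "loaded_from": str(dll),
                    "shadows": str(trusted[name]),
                    "same_content": sha256(dll) == sha256(trusted[name]),
                })
    return findings


def build_sample(root: Path):
    """Constructed layout: an application folder and a stand-in system folder."""
    app, system = root / "app", root / "system32"
    app.mkdir()
    system.mkdir()
    (system / "example.dll").write_bytes(b"legitimate build")
    (system / "other.dll").write_bytes(b"second legitimate build")
    (app / "Example.DLL").write_bytes(b"different bytes")  # shadows system copy
    (app / "plugin.dll").write_bytes(b"app-only library")  # no system copy
    return [app, system], system


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        order, system = build_sample(Path(tmp))
        for finding in find_shadowed_dlls(order, system):
            print(finding)
```

A finding with `same_content` set to false is the case worth triaging first: a same-named DLL with different bytes sits where the loader will find it before the system copy.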


Alex Anghelus

SC Prodefence SRL CEO - Cyber Security, Pentesting & Ethical Hacking - Malware Analyst
