Windows considers the launch

[relemedf5w023]

A Linux application as a pico process, i.e. a new type of process that is structurally different from those that occur when native programs are launched. As the researchers found out, no antivirus tracks these processes, despite the fact that Microsoft has provided antivirus developers with the Pico API. To work with bashware, you do not need to write special viruses for Linux, which will then be launched in the attacked Windows using WSL. Thanks to the Wine program, you can use regular malware for Windows, including long-known ones, since it will still be hidden from antiviruses.

Safety Tales: Weather in Your Smartphone
Vladimir Bezmaly | 12.09.2017
- Johann, we need your help!

- And when did you call about anything else, Mr. Commissioner? Does that happen? Okay, I'll be serious. What happened?

- We need to track Don Jose! The problem is that he's great at evading surveillance, and we need to get his routes.

— Does he use a smartphone? And what kind of technology does he use? The more you tell us, the easier it will be for us.

- Yes, he uses a smartphone, encrypts conversations. Often uses the AW app for weather forecasts. Uses a smartphone from company A.

- In principle, this is enough. We will help track the routes.

- But how?

- Now that's of no use to you. We're not lebanon mobile database about your methods of persecution, are we?

- Mark, you said we have connections in the company RM, which sells location information?

- Yes, there is. Our man works there as the head of the Security Service.

- We need his help. We need to clarify what data AW is selling them.

- Easy. I need 10-15 minutes. Okay?

Some time passed.

— Chief, this is what they transmit. AW sends information to RM a total of 16 times per day. The application collects the following data: precise GPS coordinates of the user device; the name and Basic Service Set Identifier (BSSID) of the Wi-Fi network on which the device is used; the status of the Bluetooth personal area network (on/off).