- Jun 14, 2011
- 1,790
A novel technique adopted by attackers finds ways to use Microsoft's Background Intelligent Transfer Service (BITS) so as to deploy malicious payloads on Windows machines stealthily.
In 2020, hospitals, retirement communities, and medical centers bore the brunt of an ever-shifting phishing campaign that distributed custom backdoors such as KEGTAP, which ultimately paved the way for RYUK ransomware attacks.
But new research by FireEye's Mandiant cyber forensics arm has now revealed a previously unknown persistence mechanism that shows the adversaries made use of BITS to launch the backdoor.
Hackers Using a Windows OS Feature to Evade Firewall and Gain Persistence
Hackers are using Microsoft OS features to evade Firewalls and build persistent attacks on their targets.
thehackernews.com