Hackers Using a Windows OS Feature to Evade Firewall and Gain Persistence

A novel technique adopted by attackers finds ways to use Microsoft’s Background Intelligent Transfer Service (BITS) so as to deploy malicious payloads on Windows machines stealthily.
In 2020, hospitals, retirement communities, and medical centers bore the brunt of an ever-shifting phishing campaign that distributed custom backdoors such as KEGTAP, which ultimately paved the way for RYUK