Sign In
- Platform
- Solutions
- Modern NDR
- Resources
- Company
Platform
Modern NDR
Resources
Platform
Modern NDR
Resources
DETECTION OVERVIEW
Risk Factors
Uploading malware, disguised as legitimate files, to the BitTorrent network is a common and relatively easy way for attackers to gain access to your network. Additionally, BitTorrent clients might contain vulnerabilities that can be exploited remotely. If a device is suddenly sharing files through the BitTorrent protocol, that device might be exposing your network to new risks. And because many files in the BitTorrent network are illegal and violate copyright law, downloading these files can be a liability.
The system might change the risk score for this detection.
Kill Chain
Risk Score
60
If a user on your network downloads a file that appears to be legitimate, but is hiding malware, your network might be exposed to further exploitation and risk. Malware includes viruses, worms, trojans, and spyware—the file might not be damaging itself but can open the door to future attacks. Malware might be attached to a file or program on the network and remain dormant until that file is opened, launching the attack. If a user then inadvertently uploads the malware to the BitTorrent network, they can further spread malware to other users.
Block BitTorrent with a next generation firewall (NGFW)
Block common BitTorrent ports (6881-6889)
Prohibit the download of BitTorrent client applications
