Back in a Bit: Attacker Use of the Windows Background Intelligent Transfer Service
When malicious applications create BITS jobs, files are downloaded or uploaded in the context of the service host process. This can be used to bypass firewalls that block unknown processes.
