BrightScan #ThreatIntelThursday | Teardrop Attacks 😢

Sarah King
Aug 19, 2021
Week 33: Teardrop Attacks!

This article is part of #ThreatIntelThursday @OpenAVN, an ongoing series that offers readers authoritative, but easily digestible, information about different types of malware, how readers might be vulnerable to attacks, and what they can do to protect themselves. To read past Threat Intel Thursdays articles, click here. (We suggest starting from Week 1: Malware.)

A teardrop attack is a form of Denial-of-Service attack (DoS) that sends pieces of a fragmented packet to a victim machine. As we saw in our original DoS article, this special form of malware infects a computer and overloads it, causing it to crash.

How does this work?

The target machine receives these fragmented packets and cannot reassemble them because of a bug in TCP/IP fragmentation. Thus, the packets overlap each other and end up crashing the target machine.
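The overlap condition described above can be checked on captured IPv4 fragment headers. This is an added example, not code from the original article or from BrightScan; the `Fragment` record, the `find_overlaps` function and all sample values are constructed for illustration.

```python
from collections import defaultdict
from typing import NamedTuple


class Fragment(NamedTuple):
    src: str
    dst: str
    ip_id: int        # IPv4 Identification field, shared by all fragments of one datagram
    frag_offset: int  # IPv4 Fragment Offset field, counted in 8-byte units
    payload_len: int  # payload bytes carried by this fragment


def find_overlaps(fragments):
    """Return (datagram_key, earlier, later) for each fragment that starts
    inside bytes already covered by an earlier fragment of the same datagram."""
    by_datagram = defaultdict(list)
    for frag in fragments:
        by_datagram[(frag.src, frag.dst, frag.ip_id)].append(frag)

    findings = []
    for key, frags in by_datagram.items():
        covered_end, owner = 0, None  # highest byte covered so far, and by whom
        for frag in sorted(frags, key=lambda f: f.frag_offset):
            start = frag.frag_offset * 8
            end = start + frag.payload_len
            if owner is not None and start < covered_end:
                findings.append((key, owner, frag))
            if end > covered_end:
                covered_end, owner = end, frag
    return findings


# Constructed sample headers (documentation addresses, made-up IDs).
SAMPLE = [
    # Well-formed datagram: each fragment starts where the previous one ends.
    Fragment("192.0.2.10", "198.51.100.5", 100, 0, 1480),
    Fragment("192.0.2.10", "198.51.100.5", 100, 185, 1480),
    Fragment("192.0.2.10", "198.51.100.5", 100, 370, 40),
    # Malformed datagram: second fragment starts at byte 32, inside the first (0-63).
    Fragment("203.0.113.7", "198.51.100.5", 242, 0, 64),
    Fragment("203.0.113.7", "198.51.100.5", 242, 4, 16),
]

if __name__ == "__main__":
    for key, earlier, later in find_overlaps(SAMPLE):
        print(f"overlap in datagram {key}: fragment at byte {later.frag_offset * 8} "
              f"starts before byte {earlier.frag_offset * 8 + earlier.payload_len}")
```

Exact duplicate fragments are also reported, so a monitoring rule built on this check should expect occasional hits from benign retransmission.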

Are teardrop attacks still a risk?

Because of how teardrop attacks manipulate a glitch in a computer's re-assembly process, teardrop attacks usually target legacy machines, such as early Windows operating systems (think Windows 95) and Linux OSes. However, teardrop attacks have been known to target newer Windows machines, such as Windows 7 and Vista.

BrightScan has been optimized for Windows 7, for just this reason. We recognize that while technology is evolving faster than ever, many small businesses and enterprises have difficulty turning over their computer network at the current rate, leaving their legacy machines vulnerable to cyber attacks. While we may think of “vintage” threats like teardrop attacks as a thing of the past, it's important to remember that legacy machines can still be vulnerable, and to look for an endpoint protection platform that keeps you protected no matter what.

To defend your system from teardrop attacks and other malware that may be lurking unknown on your system, a lightweight but heavy-duty Endpoint Protection Platform (EPP) is imperative. BrightScan is a cloud-based, blockchain-powered endpoint protection platform that can be customized to fit your needs; it is user-friendly enough for the home office and powerful enough to protect large enterprises.

Contact our Head of Sales, Jourdan Parkinson, to schedule a free demo of our cloud-based EPP BrightScan, our internet firewall Torus, or just to chat about how our products can work for you.

For more of the latest in cybersecurity, subscribe to DefenseArk's blog right here on Medium. In addition to Threat-Intel Thursdays, we also write about breaking news, thought leadership, and deep-dives into cyber intel.

