Jump to content

Invite Scene - #1 to Buy, Sell, Trade or Find Free Torrent Invites

#1 TorrentInvites Community. Buy, Sell, Trade or Find Free Torrent Invites for Every Private Torrent Trackers. HDB, BTN, AOM, DB9, PTP, RED, MTV, EXIGO, FL, IPT, TVBZ, AB, BIB, TIK, EMP, FSC, GGN, KG, MTTP, TL, TTG, 32P, AHD, CHD, CG, OPS, TT, WIHD, BHD, U2 etc.

LOOKING FOR HIGH QUALITY SEEDBOX? EVOSEEDBOX.COM PROVIDES YOU BLAZING FAST & HIGH END SEEDBOXES | STARTING AT $5.00/MONTH!

BitTorrent Can Be Exploited For DoS Attacks, Research Warns


Recommended Posts

New research shows that BitTorrent clients and BitTorrent Sync can can be exploited for Denial of Service attacks. With the help of the popular file-sharing protocol an attacker can reflect and amplify traffic through fellow file-sharers, boosting the original bandwidth 120 times.

With dozens of millions of active users at any given point in the day the BitTorrent protocol is a force to be reckoned with.

While BitTorrent swarms are relatively harmless, a new paper published by City University London researcher Florian Adamsky reveals that there’s potential for abuse.

The paper, titled ‘P2P File-Sharing in Hell: Exploiting BitTorrent Vulnerabilities to Launch Distributed Reflective DoS Attacks’, shows that various BitTorrent protocols can be used to amplify Denial of Service attacks.

Through various experiments Adamsky has confirmed that the vulnerability affects the uTP, DHT, Message Stream Encryption and BitTorrent Sync protocols.

The attacks are most effective through the BitTorrent Sync application where the original bandwidth can be increased by a factor of 120.

For traditional torrent clients such as uTorrent and Vuze the impact is also significant, boosting attacks by 39 and 54 times respectively.

Speaking with TF, Adamsky states that it’s relatively easy to carry out a distributed reflective Denial of Service (DRDoS) attack via BitTorrent. The attacker only needs a valid info-hash, or the “secret” in case of BitTorrent Sync.

“This attack should not be so hard to run, since an attacker can collect millions of possible amplifiers by using trackers, DHT or PEX,” he explains.

“With a single BitTorrent Sync ping message, an attacker can amplify the traffic up to 120 times.”

BitTorrent Inc has been notified about the vulnerabilities and patched some in a recent beta release. For now, however, uTorrent is still vulnerable to a DHT attack. Vuze was contacted as well but has yet to release an update according to the researcher.

For users of BitTorrent-based software there is no security concern other than the fact that people are participating in a DDoS attack without their knowledge. The vulnerability mostly leads to a lot of wasted bandwidth.

https://torrentfreak.com/bittorrent-can-be-exploited-for-dos-attacks-research-warns/

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Check out what our members are saying

  • Our picks

×
×
  • Create New...