A flaw discovered in several widely used BitTorrent applications, including uTorrent, Vuze and Mainline, could be used to carry out a devastating distributed denial of service (DDoS) attack that makes it very easy for a single undetectable hacker to bring down large sites.
New research by Florian Adamsky of City University London shows that the open BitTorrent protocol can be exploited to carry out Distributed Reflective Denial of Service (DRDoS) attacks.
The BitTorrent protocol is a file-sharing protocol used by millions of active online users at any given point in the day to exchange files over the Internet.
A DRDoS attack is a more sophisticated form of the conventional DDoS attack, in which open and misconfigured DNS (Domain Name System) servers can be used by anyone to launch high-bandwidth DDoS attacks on target websites.
In a paper titled "P2P File-Sharing in Hell: Exploiting BitTorrent Vulnerabilities to Launch Distributed Reflective DoS Attacks," the researchers show that weaknesses in various BitTorrent protocols can be exploited to amplify Denial of Service attacks.
The researchers conducted a test in which they were able to exploit BitTorrent peers to flood a third-party target with data traffic up to 50 to 120 times larger than the original request.
According to the researchers, the vulnerability affects the BitTorrent protocols Micro Transport Protocol (uTP), Distributed Hash Table (DHT) and Message Stream Encryption (MSE), as well as BitTorrent Sync (BTSync).
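The amplification factor described above also gives defenders a signal: a local peer that sends a remote address far more UDP bytes than it received from that address may be acting as a reflector. The following is an added example, not code from the article or the paper; the flow-record format, `LOCAL_NET`, the byte threshold and the function names are assumptions, and the sample records are constructed.

```python
import ipaddress
from collections import defaultdict

LOCAL_NET = ipaddress.ip_network("10.0.0.0/8")  # assumption: our own address space
MIN_FACTOR = 50.0     # lower bound of the 50-120x range reported in the article
MIN_OUT_BYTES = 5000  # assumption: ignore exchanges too small to matter

# Constructed sample flow records at the network border: (src, dst, proto, bytes)
FLOWS = [
    ("198.51.100.7", "10.0.0.21", "udp", 120),   # small inbound request
    ("10.0.0.21", "198.51.100.7", "udp", 9600),  # 80x larger reply
    ("203.0.113.9", "10.0.0.22", "udp", 400),
    ("10.0.0.22", "203.0.113.9", "udp", 900),    # ordinary exchange
    ("10.0.0.23", "192.0.2.50", "udp", 8000),    # outbound only, no request seen
    ("198.51.100.7", "10.0.0.24", "tcp", 100),
    ("10.0.0.24", "198.51.100.7", "tcp", 9000),  # TCP, not considered
    ("198.51.100.7", "10.0.0.25", "udp", 100),
    ("10.0.0.25", "198.51.100.7", "udp", 6000),  # 60x larger reply
]

def is_local(addr):
    return ipaddress.ip_address(addr) in LOCAL_NET

def find_reflectors(flows, min_factor=MIN_FACTOR, min_out=MIN_OUT_BYTES):
    """Return (local_peer, remote, factor) where bytes out / bytes in >= min_factor."""
    totals = defaultdict(lambda: [0, 0])  # (local, remote) -> [bytes_in, bytes_out]
    for src, dst, proto, nbytes in flows:
        if proto != "udp":  # source spoofing needs a connectionless transport
            continue
        if is_local(dst) and not is_local(src):
            totals[(dst, src)][0] += nbytes
        elif is_local(src) and not is_local(dst):
            totals[(src, dst)][1] += nbytes
    findings = []
    for (local, remote), (b_in, b_out) in totals.items():
        if b_in == 0 or b_out < min_out:  # no trigger seen, or too small
            continue
        factor = b_out / b_in
        if factor >= min_factor:
            findings.append((local, remote, round(factor, 1)))
    return sorted(findings)

def targets(findings):
    """Count local reflectors per remote address; several suggests one victim."""
    counts = defaultdict(int)
    for _, remote, _ in findings:
        counts[remote] += 1
    return dict(counts)
```

Because the request's source address is forged in a reflection attack, the flagged remote address is the likely victim rather than the sender.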
DoS amplification techniques are not at all new. Amplification attacks have increased significantly in the past year, and hackers are widely taking advantage of this to attack major websites.
Last year we saw hackers exploiting a vulnerability in home and small-office routers to amplify the bandwidth of the attack.
Two years ago, a massive 300Gbps DDoS attack launched against the Spamhaus website almost broke the Internet. Also last year, hackers reached new heights with a massive DDoS attack targeting content-delivery and anti-DDoS protection firm CloudFlare, which reached more than 400Gbps at its peak of traffic.
BitTorrent has been notified about the flaws. The company has already patched some of its applications in a recent beta release. However, uTorrent is still vulnerable to a DHT attack. Vuze has also been notified about the vulnerability and has yet to release a patch.