The Hacker News Logo
Subscribe to Newsletter

The Hacker News — Cyber Security and Hacking News Website: distributed reflective DoS attacks

BitTorrent Fixes Reflective DDoS Attack Security Flaw

BitTorrent Fixes Reflective DDoS Attack Security Flaw

August 28, 2015Swati Khandelwal
Two weeks ago, we reported how a serious flaw in the popular peer-to-peer BitTorrent file sharing protocols could be exploited to carry out a devastating distributed denial of service (DDoS) attack, allowing lone hackers with limited resources to take down large websites. Good news is that the developers of BitTorrent have fixed the security issue in its service that is being used by hundreds of Millions of users worldwide. In a blog post published Thursday, BitTorrent announced that the flaw was resided in a reference implementation of the Micro Transport Protocol (uTP) called libuTP , which is used by many widely used BitTorrent clients such as μTorrent , Vuze and Mainline . The San Francisco company also announced that it has rolled out a patch for its libuTP software that will stop miscreants from abusing the p2p protocol to conduct Distributed Reflective Denial-of-Service (DRDoS) attacks. DRDoS attack is a more sophisticated form of conventional DDoS att
How to Exploit BitTorrent for Large-Scale DoS Attacks

How to Exploit BitTorrent for Large-Scale DoS Attacks

August 17, 2015Mohit Kumar
A flaw discovered in several widely used BitTorrent applications, including uTorrent, Vuze and Mainline , could be used to carry out a devastating distributed denial of service (DDoS) attack that makes it very easy for a single undetectable hacker to bring down large sites. A new research by Florian Adamsky of the City University London shows that open BitTorrent protocol can be exploited to carry out Distributed Reflective Denial of Service (DRDoS) attacks . The bitTorrent protocol is a file-sharing protocol used by Millions of active online users at any given point in the day to exchange files over the Internet. DRDoS attack is a more sophisticated form of conventional DDoS attack where open and misconfigured DNS (Domain Name System) can be used by anyone to launch high-bandwidth DDoS attacks on target websites. In a paper , titled " P2P File-Sharing in Hell: Exploiting BitTorrent Vulnerabilities to Launch Distributed Reflective DoS Attacks ," the resea
Exclusive Deals

Get Daily News Updates By Email

Join over 350,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.