HackGh Community Forum

Log in

I forgot my password

Who Is Online?
Guests : 0
Hidden : 0
Registered : 0
Users Online :
Refresh View the whole list

Latest topics

keepCalmAndLOVEHACKGH4life  10  5513  21  intl  HackGh  phAnt0m_DrAcON  2000  6  2  DumsormustSTOP  5  terms  30  Unlimited  1  Critical  policies  3  9  4  11  7  3264  8  google  

Top posting users this month

Free counters!
Staff Online
Staff Online
Most Online179
Newest Member
BBC alternative

You are not connected. Please login or register

 » Computer Tricks And Technology Tips » Windows1O OS Downloads, Trick and & Tips » 

BitTorrent App Can Be Exploited for DDoS Attacks

View previous topic View next topic Go down  Message [Page 1 of 1]


Support Moderator
Support Moderator
It turned out that BitTorrent and BitTorrent Sync apps could be exploited by hackers for DDoS attacks. The popular file-sharing protocol allows to reflect and amplify traffic through other file-sharers, thus boosting the original bandwidth by a factor of 120, which is a godsend for hackers.

The recent research revealed that BitTorrent swarms are relatively harmless, but still there’s potential for abuse. Various experiments confirmed that the flaw affects the uTP, DHT, Message Stream Encryption and BitTorrent Sync protocols. It was pointed out that the attacks were most effective via the BitTorrent Sync app, where the original bandwidth can be increased 120 times. As for the most popular torrent apps – uTorrent and Vuze, the effect is also noticeable, boosting attacks by 39 and 54 times respectively.

The researchers say that it’s quite easy to launch a distributed reflective DoS attack via BitTorrent, as the hacker just needs a valid info-hash, or the “secret” in case of BitTorrent Sync. Such attack is easy to run, because the hacker is able to collect millions of possible amplifiers by using trackers, DHT or PEX with a single BitTorrent Sync ping message.

The researchers informed BitTorrent Inc. about the flaw, and the company patched some of vulnerabilities in a recent beta release. However, thus far, uTorrent is still vulnerable to a DHT attack. As for Vuze, the company was also contacted but has yet to release a patch.

Users of BitTorrent-based clients should have no security concern other than the fact that they can be participating in a distributed denial of service attack without their knowledge. The bugs mostly lead to wasted bandwidth.

View user profile

View previous topic View next topic Back to top  Message [Page 1 of 1]

Permissions in this forum:
You cannot reply to topics in this forum