Research finds that BitTorrent protocols can be exploited to amplify Denial of Service (DoS) attacks
BitTorrent clients and BitTorrent Sync can can be exploited by hackers and cyber criminals to launch Denial of Service attacks. A new research has found out that several BitTorrent protocols can be used by a potential attacker to and amplify traffic through fellow file-sharers, boosting the original bandwidth 120 times.
This can be done unknown to the millions of BitTorrent client users and can result in a significant DoS attacks on targets. While BitTorrent swarms are relatively harmless, a new paper published by City University London researcher Florian Adamsky reveals that there’s potential for abuse.
A denial-of-service (DoS) attack is an attempt to make a machine or network resource unavailable to its intended users using outside resources. A DoS attack can lead to temporary or indefinite interruption or suspension of services of a host connected to the Internet.
The paper, titled ‘P2P File-Sharing in Hell: Exploiting BitTorrent Vulnerabilities to Launch Distributed Reflective DoS Attacks’, shows that various BitTorrent protocols can be used to amplify Denial of Service attacks.
Lead researcher, Adamsky confirmed that they had conducted experiments and found that this vulnerability affects the uTP, DHT, Message Stream Encryption and BitTorrent Sync protocols. Adamsky state that the attacks are most effective through the BitTorrent Sync application where the original bandwidth can be increased by a factor of 120. While in other torrent clients, uTorrrent and Vuze the attack is boosted by 39 and 54 times respectively.
Speaking with TF, Adamsky states that it’s relatively easy to carry out a distributed reflective Denial of Service (DRDoS) attack via BitTorrent. The attacker only needs a valid info-hash, or the “secret” in case of BitTorrent Sync.
“This attack should not be so hard to run, since an attacker can collect millions of possible amplifiers by using trackers, DHT or PEX,” he explains. “With a single BitTorrent Sync ping message, an attacker can amplify the traffic up to 120 times.”
The researchers have notified the BitTorrent client maker about the vulnerabilities and they in turn have released a beta patch to fix these flaws. However uTorrent and Vuze are still vulnerable to a DHT attack.