Number: IRCNE2015082613
Date: 2015/08/28
According to “zdnet”, BitTorrent has taken rapid steps to mitigate a flaw which could divert user traffic to launch reflective DDoS attacks.
The flaw, reported by Florian Adamsky at the USENIX conference in Washington, D.C., affects popular BitTorrent clients such as uTorrent, Mainline and Vuze, which were known to be vulnerable to distributed reflective denial-of-service (DRDoS) attacks.
According to the researchers from City University London, BitTorrent protocols could be exploited to reflect and amplify traffic from other users within the ecosystem -- which could then be harnessed to launch DRDoS attacks powered up to 120 times the size of the original data request.
The team said in a paper documenting the vulnerability that BitTorrent protocols Micro Transport Protocol (uTP), Distributed Hash Table (DHT), Message Stream Encryption (MSE) and BitTorrent Sync (BTSync) are exploitable.
On Thursday, Vice President of Communications at BitTorrent Christian Averill said in a blog post no attack using this method has been observed in the wild and as the researchers informed the BitTorrent team of the vulnerability ahead of public disclosure, this has given BitTorrent the opportunity to "mitigate the possibility of such an attack."
Regarding BTSync, BitTorrent says the severity of the vulnerability -- even before recent updates were applied to the protocol -- mitigated the risk of this vulnerability. In order to exploit the security weakness, an attacker would have to know the Sync user, identifiers would have to be made public, and the protocol's design ensures that peers in a share are limited -- keeping the potential attack scale down.
- 6