BitTorrent Can Be Used for DDoS AttacksAdded: Monday, January 3rd, 2011
Category: Recent Headlines Involving File Sharing > Current Events
Tags:ET, p2p, Torrent, Piracy, Peer To Peer, Network, Hackers, Internet, BitTorrent, Google, utorrent, bitcomet, extratorrent, 2010, www.extrattorrent.com
A talk at the CCC (Chaos Communications Congress) made it clear that BitTorrent swarms can be easily exploited to take down large sites. In short words, vulnerability in the technology of “trackerless” torrents indeed makes it possible to trick downloaders of popular torrents into send a great number of requests to a chosen server, finally taking it down. Virtually, this makes BitTorrent quite an effective DDoS instrument.
Everyone knows that BitTorrent is in the list of the most effective tools for transferring huge digital files to many people simultaneously. As distinct from a central server, BitTorrent transfers tend to increase speed as more people share the same file. That is the reason why BitTorrent has evolved into the most popular file-sharing platform.
Imagine that millions of people are downloading files through BitTorrent daily. Meanwhile, in some instances over 100 thousand people are sharing the same file at the given moment. While such large swarms of peers are good for sharing, they can also be used for DDoS attacks, as the Chaos Communications Congress recently revealed.
CCC talk was titled “Lying To Neighbors”, and revealed that the DHT technology powering “trackerless torrents” can easily be abused, as BitTorrent downloaders are able to effectively DDoS a certain server. In fact, DHT’s function is to find peers with the same files without communicating with a central tracker, which ensures that your downloads will continue even when the central BitTorrent tracker goes offline. However, DHT can also be exploited to carry out a DDoS attack. In case there’re enough peers downloading the same file, this can effortlessly take down large sites. The sad side of all this is that the downloaders involved in the DDoS attack may be unaware of that.
Such DHT vulnerabilities aren’t new concepts for the developers. In fact, they have been discussed earlier, but still no agreement has yet been reached on them. Meanwhile, over the last months DDoS attacks became a common event, major part carried out under the flag of Operation Payback. However, those attacks required hundreds of users to actively participate simultaneously, while the BitTorrent DDoS is able to take down a server from a single computer.
It unclear whether BitTorrent developers are planning to act upon that DHT vulnerability to prevent that kind of abuse after it became known to everyone, or not.
Thanks to TorrentFreak for providing the source of the article
January 3rd ,2011
Monday, January 3rd, 2011
|soooooo...when are you gonna teach us how to do it SaM?...lol, thanks for the read|
|posted by (2011-01-03 10:35:11)|
|4chan is onto this|
|posted by (2011-01-03 18:06:04)|
|Wow its like being shot by Marvin ..I will shoot u with my super dooper Modulator...|
|posted by (2011-01-03 20:32:34)|
|So if the MPAA etc are uploading to identify our IP's does this mean we can all take them down permanently using BitTorrent. As soon as they stop one of us another automatically takes over. How cool would that be? Thanks Sam.||
Most Popular Stories