- Reddit Relationships: Man laughs at girlfriend for using Microsoft PowerPoint during sex Thursday 8:59 PM
- The 15 Brad Pitt movies you need to see now, ranked Thursday 8:26 PM
- Facebook could face legal action over the Area 51 event Thursday 6:50 PM
- How to stream Texans vs. Chargers in NFL Week 3 action Thursday 6:40 PM
- Tekashi 69 alleges Cardi B was a Bloods gang member Thursday 5:55 PM
- Right-wing sites falsely claimed group of Somalis attacked man in viral video Thursday 5:00 PM
- Big creators risk losing checkmarks amid YouTube verification purge Thursday 4:56 PM
- How to stream Eagles vs. Lions in NFL Week 3 action Thursday 4:52 PM
- How to stream Steelers vs. 49ers in NFL Week 3 action Thursday 4:10 PM
- How to stream Bills vs. Bengals in NFL Week 3 action Thursday 4:03 PM
- Colt halts production of AR-15s for civilians Thursday 3:45 PM
- If you love long-winded, hashtag-heavy Instagram captions, these apps can help Thursday 2:54 PM
- Teen girls on TikTok have convinced the internet that they eat their tampons Thursday 2:33 PM
- Twitch streamer faces criticism for trying to defend racist jokes Thursday 2:03 PM
- How to stream Raiders vs. Vikings in Week 3 Thursday 12:55 PM
Now you can use BitTorrent software to anonymously DDoS anybody
This could be big if it isn’t patched soon.
uTorrent, Mainline, and Vuze are all vulnerable to the new attack, dubbed a Distributed Reflective Denial of Service (DRDoS), as Ars Technica reported.
Hundreds of millions of people use BitTorrent to make it easier to share big files. The system distributes the workload across everyone on the network, known as peers, making it quicker to move large quantities of data than it would be from one single point to another.
The DRDoS attack takes advantage of the peering system, allowing an adversary to reflect and and amplify Internet traffic from peers and then direct it at a target site, aiming to crash that site under the weight of overwhelming Internet traffic.
“Our experiments reveal that an attacker is able to exploit BitTorrent peers to amplify the traffic up to a factor of 50 times and in case of BTSync up to 120 times,” the researchers wrote. “Additionally, we observe that the most popular BitTorrent clients are the most vulnerable ones.”
DRDoS attackers get an added bonus, too. By using BitTorrent peers to send the amplified traffic, the attacker’s identity remains hidden, despite the potentially massive size of the offensive.
H/T Ars Technica | Illustration by Max Fleishman
Patrick Howell O'Neill is a notable cybersecurity reporter whose work has focused on the dark net, national security, and law enforcement. A former senior writer at the Daily Dot, O'Neill joined CyberScoop in October 2016. I am a cybersecurity journalist at CyberScoop. I cover the security industry, national security and law enforcement.