- Pro-Trump subreddit quarantined over violent threats in support of Oregon Republicans 4 Years Ago
- Woman who live streamed a police officer’s shooting is receiving death threats 4 Years Ago
- Pre-Prime Day deals you don’t want to miss 4 Years Ago
- Dana Loesch out at NRATV; ‘thoughts and prayers’ for her career are in Today 12:33 PM
- Trump’s rant about Megan Rapinoe devolves into treatise about PC culture in the NBA Today 10:41 AM
- Is Millie Bobby Brown joining the MCU? Today 10:39 AM
- Hundreds of thousands demand that Etika’s previously deleted YouTube channel be restored Today 10:18 AM
- Eric Trump says cocktail waitress spit on him in Chicago bar Today 9:47 AM
- Maine governor signs net neutrality bill into law Today 9:07 AM
- How the QAnon movement continues without its messenger Today 8:26 AM
- 6 best Korean beauty products for summer Today 8:17 AM
- ‘The Office’ is leaving Netflix in 2021 Today 7:46 AM
- How to install the iOS 13 beta and test out its best new features Today 7:42 AM
- Swipe This! I want my boyfriend to text me everyday. Is that crazy? Today 7:30 AM
- Why every 2020 Democrat is canceled Today 7:01 AM
Now you can use BitTorrent software to anonymously DDoS anybody
This could be big if it isn’t patched soon.
uTorrent, Mainline, and Vuze are all vulnerable to the new attack, dubbed a Distributed Reflective Denial of Service (DRDoS), as Ars Technica reported.
Hundreds of millions of people use BitTorrent to make it easier to share big files. The system distributes the workload across everyone on the network, known as peers, making it quicker to move large quantities of data than it would be from one single point to another.
The DRDoS attack takes advantage of the peering system, allowing an adversary to reflect and and amplify Internet traffic from peers and then direct it at a target site, aiming to crash that site under the weight of overwhelming Internet traffic.
“Our experiments reveal that an attacker is able to exploit BitTorrent peers to amplify the traffic up to a factor of 50 times and in case of BTSync up to 120 times,” the researchers wrote. “Additionally, we observe that the most popular BitTorrent clients are the most vulnerable ones.”
DRDoS attackers get an added bonus, too. By using BitTorrent peers to send the amplified traffic, the attacker’s identity remains hidden, despite the potentially massive size of the offensive.
H/T Ars Technica | Illustration by Max Fleishman
Patrick Howell O'Neill is a notable cybersecurity reporter whose work has focused on the dark net, national security, and law enforcement. A former senior writer at the Daily Dot, O'Neill joined CyberScoop in October 2016. I am a cybersecurity journalist at CyberScoop. I cover the security industry, national security and law enforcement.