Computer security specialists from the City University of London published a paper under the dramatic title "Peer File Sharing from Hell: Using BitTorrent Vulnerabilities to Launch Distributed Reflected Denial of Service Attacks." In this paper, they explain how they managed to get popular BitTorrent clients to participate in DRDoS attacks on Internet servers.
A DRDoS attack (not to be confused with the DR-DOS operating system) consists of sending many requests to various servers, requests that those servers must answer. The sender's IP address is forged and replaced with the victim's address, so all the responses land on the victim server. If the number of requests is large enough, the server will have difficulty processing them.
The researchers found a flaw in the BitTorrent protocol that affects uTP, DHT, Message Stream Encryption and BitTorrent Sync. It makes it possible not only to flood the victim server with unwanted traffic, but also to amplify that traffic by a factor of 50 relative to what the attacker sends (and, in the case of BTSync, by as much as 120). Their method finds seeding computers, sends them a handshake request, and substitutes the address of the server to be attacked for the return address.
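Seen from the attacked server, reflection looks like UDP replies from many peers it never contacted. The sketch below is an added example, not code from the paper or from any BitTorrent project, and it applies to UDP reflection in general rather than to BitTorrent alone. The packet tuples, addresses and thresholds are constructed assumptions, and the monitored host is assumed not to serve inbound UDP clients itself.

```python
from collections import defaultdict

# Constructed sample: monitored server at a documentation address.
VICTIM = "203.0.113.10"

def build_sample():
    """Packets as (timestamp_seconds, src_ip, dst_ip, udp_payload_bytes)."""
    pkts = [
        (0.0, VICTIM, "198.51.100.7", 60),    # server sends a genuine request
        (0.1, "198.51.100.7", VICTIM, 400),   # and receives the solicited reply
    ]
    # 30 different hosts answer "requests" the server never sent.
    for i in range(30):
        pkts.append((1.0 + i * 0.05, f"192.0.2.{i + 1}", VICTIM, 1200))
    return pkts

def find_reflection(packets, host, reply_window=5.0, bucket=10.0, min_sources=20):
    """Return one alert per time bucket in which `host` received UDP payloads
    from at least `min_sources` distinct addresses that it had not contacted
    within the previous `reply_window` seconds (thresholds are assumptions)."""
    last_sent = {}                  # remote ip -> time of last outbound packet
    sources = defaultdict(set)      # bucket index -> unsolicited source ips
    volume = defaultdict(int)       # bucket index -> unsolicited payload bytes
    for ts, src, dst, size in sorted(packets):
        if src == host:
            last_sent[dst] = ts
        elif dst == host:
            sent = last_sent.get(src)
            # A reply is solicited only if we recently sent to that address.
            if sent is None or ts - sent > reply_window:
                idx = int(ts // bucket)
                sources[idx].add(src)
                volume[idx] += size
    return [
        {"start": idx * bucket, "sources": len(ips), "bytes": volume[idx]}
        for idx, ips in sorted(sources.items())
        if len(ips) >= min_sources
    ]

if __name__ == "__main__":
    for alert in find_reflection(build_sample(), VICTIM):
        print(alert)
```

On a host that does accept UDP from new clients, traffic to its own service ports would have to be excluded before counting unsolicited sources.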
The researchers have already reported the vulnerabilities to the BitTorrent developers, who are working on patches for various products. But, of course, not every client that uses this protocol can be replaced immediately. Users of old clients may become accomplices in an attack without knowing it: their outgoing traffic will simply increase.
Classical DDoS attacks are usually organized through a botnet, a network of computers that have come under an attacker's control through Trojan viruses. Such networks are used both for mass distribution of spam messages and for disabling Internet servers by sending an excessive number of requests.