BitTorrent patches flaw that could amplify distributed denial-of-service attacks

BitTorrent fixed a vulnerability that would have allowed attackers to hijack BitTorrent applications used by hundreds of millions of users in order to amplify distributed denial-of-service (DDoS) attacks.

The vulnerability was located in libuTP, a reference implementation of the Micro Transport Protocol (uTP) that’s used by many popular BitTorrent clients including uTorrent, Vuze, Transmission and the BitTorrent mainline client.

The flaw was disclosed earlier this month in a paper presented at the 9th USENIX Workshop on Offensive Technologies by four researchers from City University London, Mittelhessen University of Applied Sciences in Friedberg, Germany and cloud networking firm PLUMgrid.

To read this article in full or to leave a comment, please click here

RSS-4


RSS-4