Saturday, 1 January 2011

Hackers turn BitTorrent into BotTorrent, to use in DDoS attacks

An earlier report noted a proof-of-concept URL shortener that could be used in DDoS attacks, and a new presentation at the Chaos Computer Club (CCC) Congress in Berlin goes further. The latest hack uses an exploit in trackerless torrents that can turn BitTorrent into a DDoS tool.

DHT, or distributed hash tables, are the technology behind “trackerless torrents.” DHT is used in BitTorrent downloads to eliminate the need for a central tracker. Instead, DHT identifies peers who are downloading the same files.

However, as "Astro," who presented the concept noted, a malicious DHT could direct downloaders to a specific server, forming a DDoS attack, without the participants even knowing they are being used in that manner.

The presentation was called “Lying To The Neighbours.” TorrentFreak called it "BotTorrent," for creating a botnet out of a torrent.

One can see how such a hack could be used to hit the MPAA twice at once. A torrent download of a movie could be offered (1), while at the same time attacking the MPAA's website (2). Of course, the attackers couldn't be prosecuted (at least for the attack) as they would have no knowledge of the attack.

It would be a shame to see this used as ammunition against BitTorrent. Despite the fact it has piracy-related uses, it also has other, valid uses (such as downloading Linux distros).

GoDaddy.com