The maintainers of the open BitTorrent protocol for file sharing have fixed a vulnerability that allowed lone attackers with only modest resources to take down large sites using a new form of denial-of-service attack.
The technique was disclosed two weeks ago in a research paper submitted to the 9th USENIX Workshop on Offensive Technologies. By sending vulnerable BitTorrent applications maliciously crafted data, attackers could force them to flood a third-party target with 50 to 120 times as much data as the original request. Because the requests travel over the User Datagram Protocol (UDP), which performs no handshake before data is exchanged, the attacker could write the target's IP address into the source field of the malicious request instead of its own; the reflecting application would then send its oversized replies to the victim's computer rather than back to the attacker.
In a blog post published Thursday, BitTorrent engineers said the vulnerability was the result of a flaw in a reference implementation called libuTP. To fix the weakness, the uTorrent, BitTorrent, and BitTorrent Sync apps will require acknowledgments from connection initiators before providing long responses. An attacker who spoofs the victim's address never receives the reflector's handshake reply, and so cannot produce a valid acknowledgment; the reflector's bulk response is withheld until that acknowledgment arrives.
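The following toy model, added here as an illustration and not code from the paper or from libuTP, simulates the reflection described above and the acknowledgment gate that fixes it. Packet sizes, the number of data packets a request pulls, and the sequence-number check are assumptions made for the model; it moves no real network traffic and only counts bytes. The vulnerable reflector answers a request in full without caring whether its handshake reply was ever acknowledged, so a spoofed request turns the reflector into an amplifier aimed at the victim. The gated reflector drops any request that does not acknowledge the sequence number it sent in its handshake reply, which the spoofing attacker never sees, while an honest peer that did see the reply is served as before.

```python
import random
from dataclasses import dataclass

# All sizes are assumptions made for this model, not measurements from the paper.
HEADER = 48            # IP + UDP + uTP headers per packet
PAYLOAD = 1400         # data carried by one DATA packet
DATA_PACKETS = 7       # DATA packets the reflector sends per accepted request


@dataclass
class Packet:
    src: str       # source address in the IP header; an attacker can forge it
    dst: str
    kind: str      # "SYN", "SYN_ACK", "REQ" or "DATA"
    size: int      # bytes on the wire
    ack: int = 0   # SYN_ACK: sequence number the peer must acknowledge
                   # REQ: sequence number the sender claims to acknowledge


class Reflector:
    """Simplified uTP-style responder (a stand-in for a libuTP peer, not its code).

    ack_gated=False mimics the flawed behaviour: a request is answered in full
    even though the initiator never acknowledged the SYN_ACK.
    ack_gated=True mimics the fix: a request that does not acknowledge the
    sequence number from our SYN_ACK is outside the window and is dropped.
    """

    def __init__(self, addr, ack_gated, rng):
        self.addr = addr
        self.ack_gated = ack_gated
        self.rng = rng
        self.expected_ack = {}   # peer address -> seq a valid REQ must carry

    def receive(self, pkt):
        if pkt.kind == "SYN":
            seq = self.rng.randrange(1, 1 << 16)   # never 0, so a blind guess of 0 fails
            self.expected_ack[pkt.src] = seq
            return [Packet(self.addr, pkt.src, "SYN_ACK", HEADER, ack=seq)]
        if pkt.kind == "REQ":
            if self.ack_gated and pkt.ack != self.expected_ack.get(pkt.src):
                return []        # outside the allowed window: dropped
            return [Packet(self.addr, pkt.src, "DATA", HEADER + PAYLOAD)
                    for _ in range(DATA_PACKETS)]
        return []


def run_spoofed_attack(ack_gated, seed=1):
    """The attacker writes the victim's address into the source field of both
    packets. Replies therefore reach the victim, and the attacker never sees
    the SYN_ACK, so it can only guess the value to acknowledge.
    Returns (bytes the attacker sent, bytes that hit the victim)."""
    reflector = Reflector("reflector", ack_gated, random.Random(seed))
    victim = "victim"
    delivered = {"victim": 0, "attacker": 0, "reflector": 0}
    sent = 0
    for pkt in (Packet(victim, reflector.addr, "SYN", HEADER),
                Packet(victim, reflector.addr, "REQ", HEADER, ack=0)):  # blind guess
        sent += pkt.size
        for reply in reflector.receive(pkt):
            delivered[reply.dst] += reply.size
    return sent, delivered[victim]


def run_honest_session(ack_gated, seed=1):
    """A genuine initiator sees the SYN_ACK and acknowledges the right value,
    so the gated reflector still serves it. Returns bytes the peer received."""
    reflector = Reflector("reflector", ack_gated, random.Random(seed))
    peer = "peer"
    replies = reflector.receive(Packet(peer, reflector.addr, "SYN", HEADER))
    got = sum(r.size for r in replies)
    syn_ack = replies[0]
    replies = reflector.receive(
        Packet(peer, reflector.addr, "REQ", HEADER, ack=syn_ack.ack))
    return got + sum(r.size for r in replies)


def amplification(ack_gated):
    """Bytes delivered to the victim per byte the attacker spent."""
    sent, hit = run_spoofed_attack(ack_gated)
    return hit / sent


if __name__ == "__main__":
    for gated in (False, True):
        print(f"ack_gated={gated}: amplification {amplification(gated):.1f}x, "
              f"honest peer receives {run_honest_session(gated)} bytes")
```

With the constants chosen here the ungated reflector delivers roughly 106 bytes to the victim for every byte the attacker spends, which sits inside the 50 to 120 range the paper reports, while the gated reflector delivers only the 48-byte handshake reply, half the attacker's outlay, and so is no longer worth reflecting through. The honest session receives the same data in both modes, which is the property a fix of this kind has to preserve.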
“This means that any packets falling outside of an allowed window will be dropped by a reflector and will never make it to a victim,” the BitTorrent blog post stated. “Again referring to the diagram above [which appears immediately below…