Launching a distributed denial of service attacks used to be hard. Attackers had to first compromise computers and create zombies before hitting the GO button. With Anonymous offering a point-and-click LIOC tool and coordinating via Twitter, DDOS has become downright social.
A sobering presentation at the Chaos Computer Club Congress in Berlin showed how the popular file sharing platform BitTorrent can be abused as a DDOS tool.
BitTorrent and other peer-to-peer network download tools use distributed hash tables to identify peers downloading the same files, thus eliminating the need for a centralized tracker to manage downloads. This makes transfers go faster as more people share the same files.
While most commonly known for sharing pirated content, BitTorrent does have legitimate uses, such as downloading Linux distributions.
Millions of people use BitTorrent to download files, and in some instances, 100,000 users could be sharing the same file at the same time. As a user named “Astro” showed in a “Lying to Your Neighbors” presentation at the conference, a malicious peer could exploit DHT to direct these users to a specific server, forming a DDOS attack without their being aware of it. Any BitTorrent swarm can be abused to target specific websites and potentially take them down, according to the presentation.
Researchers found previously that adding a Web server’s IP address as a BitTorrent tracker could result in a DDOS, so the software’s potential for abuse is not new. There are multiple known vulnerabilities with DHT but developers can’t agree on how to fix them.
Perhaps this presentation would spur them to act before someone comes along and co-opts an existing torrent for a DDOS attack.