BitTorrent programs can be abused to amplify distributed denial-of-service attacks

BitTorrent applications used by hundreds of millions of users around the world could be tricked into participating in distributed denial-of-service (DDoS) attacks, amplifying the malicious traffic generated by attackers by up to 50 times.

DDoS reflection is a technique that uses IP (Internet Protocol) address spoofing to trick a service to send responses to a third-party computer instead of the original sender. It can be used to hide the source of malicious traffic.

The technique can typically be used against services that communicate over the User Datagram Protocol (UDP), because unlike the Transmission Control Protocol (TCP), UDP does not perform handshakes and therefore source IP address validation. This means an attacker can send a UDP packet with a forged header that specifies someone else’s IP address as the source, causing the service to send the response to that address.

To read this article in full or to leave a comment, please click here