BitTorrent has fixed a flaw in its technology that quietly turns file-sharing networks into weapons capable of blasting websites and other internet servers offline.
The San Francisco company said Thursday the patch for its libuTP software will stop miscreants from abusing the peer-to-peer protocol to launch distributed reflective denial-of-service (DRDoS) attacks.
LibuTP is an essential building block for BitTorrent apps, such as Vuze, uTorrent, Transmission and the BitTorrent’s own client software. These applications must be updated to include the fix, and installed by netizens to fully kill off the DRDoS vulnerability. uTorrent version 3.4.4 40911, BitTorrent version 7.9.5 40912, and BitTorrent Sync version 2.1.3, were all patched up earlier this month.
view the full story here