BotTorrent: A new paradigm in hacktivism?

The Low Orbit Ion Cannon, or LOIC, is a popular tool for taking down websites these days. It was used on Visa, Master Card, Paypal and other institutions by "Anonymous" hacktivists.


A new weapon of mass awareness is in the horizon, however, that may very well step up the severity and efficiency of these attacks. If effective, it will set into motion attacks originating from thousands of computers worldwide. The difference? End-users will not necessarily know they are participating in the attacks.


Thought BitTorrent was just about downloading movies and TV shows? Think again: The BitTorrent protocol can be abused to initiate massive denial of service attacks, which could be used to take down large-scale websites. This exploit is based on BitTorrent’s ability to download data without the help of any centralized server, also known as trackerless BitTorrent. Here's how it would work.


A home user navigates to a torrent search engine to download a popular file (a film or TV show, for instance).The file may have several thousands of leechers or seeders; these numbers may increase to the hundreds of thousands in some cases, depending on the popularity of the file. For simplicity, think of each leecher as one computer attempting to download the file.


BitTorrent was originally designed with a central server dubbed tracker in mind which would help users interested in the same file find each other to facilitate downloads. However, these tracker servers have become a kind of Achilles heel of the P2P protocol. Once a tracker server goes down, the whole network goes down. BitTorrent programmers came up with a way to discover users without such a server that’s based on the Kademlia DHT technology.


This technology is based on individual BitTorrent clients randomly introducing themselves to each other to establish a kind of distributed directory. However, it was recently showed that one can manipulate some of the data exchanged by BitTorrent clients for trackerless torrenting to introduce oneself to many more clients in the network than necessary and then tell those clients that a popular file is available under a certain IP address.


By manipulating the data being communicated through BitTorrent clients, one can create the appearance of availability for a given file and cause leechers to attempt a download. The leecher would not actually be downloading the intended file, but attacking a target IP without their knowledge. This would result in the flooding of the target host and, in many cases, eventual take-down of the target site.


Nefarious users could utilize publicly available data from torrent sites like The Pirate Bay to find DHT hashes for some of the most popular files and essentially trick some of these downloaders into attacking a certain target. For example, one could tell tens of thousands of users that a fresh version of Tron Legacy (not yet released!) is available at an address that really is the web server of a corporation. All of these users would immediately try to download the file under that address, bombarding the server with requests and possibly taking it down in the process.



Distributed denial of service (DDoS) attacks were most recently used to take down the sites of major credit card companies as part of the Anonymous revenge for actions taken against WikiLeaks. However, users tend to actively take part in a DDoS attack. In the case of this type of exploit, users may not even be aware that they’re bombarding a bank server with bogus requests while they’re trying to download a movie file.


This new technology, termed BotTorrent, would have revolutionary significance not merely in virtue of its creative underpinnings, but in terms of legal responsibility. Clearly, it is unlikely that end-users would prosecuted for carrying out an attack of which they had no knowledge. Furthermore, given the number of unknowing users carrying out the attacks, the magnitude of the attacks would expand massively.

No comments: