BitTorrent Users DDoS Websites Without Knowing

Millions of BitTorrent users are unknowingly DDoSing websites because 'publishers' of popular torrents mistakenly add website URLs as trackers. The DDoSes drag websites down and their operators have very few options to mitigate these 'attacks'. But, thanks to a new BitTorrent protocol enhancement this is about to change. This week Vuze becomes the first client to add support for DDoS protection alongside calls from one of the "victims" for other developers to follow suit.

It’s a little known fact but The Pirate Bay and other popular BitTorrent sites have the power to take down pretty much any website on the Internet.

All they have to do is add the target website URL as a “tracker” for the torrents and magnet links they serve. People who download these files will then try to connect to the site in question, bringing it to its knees within minutes due to the sheer volume of requests.

Luckily most torrent sites don’t have such evil intentions, but this week the potential for abuse and the vulnerability of the system is apparent.

On a smaller scale the DDoS issue can also cause problems when torrent uploaders mistakenly add website URLs as trackers. Instead of using real and working trackers, they add bittorrent.com or thepiratebay.org.

One of the site owners who currently suffers from a major BitTorrent DDoS is software developer Dirk Engling, better known as Erdgeist. He is the creator of the OpenTracker software which is used to run popular trackers such as OpenBitTorrent and PublicBitTorrent.

While the OpenTracker project page only hosts the software and does not run a tracker itself, some novice BitTorrent uploaders think it does. As a result his website is being hit with millions of requests per hour.

“Some simple-minded but good willing BitTorrent users started to use the website as tracker URIs. Of course, no tracker runs at this location, this is just the OpenTracker software project page served by some poor Apache httpd,” Erdgeist told TorrentFreak.

“This was a mere annoyance scrolling through my web server logs, but recently people started using the ‘tracker’ URL in popular torrents, leading to around 1000 hits per second and rising,” he adds.

While it’s unclear what exactly caused the spike in traffic, it doesn’t appear come from individual uploaders. There are currently more than a million torrents that point to the erdgeist.org “tracker,” suggesting that it was added automatically by a fairly large BitTorrent site.

Erdgeist has thus far managed to keep his domain online with the help of Nginx, but the site’s traffic and load are still extremely high.

The good news for Erdgeist and other victims (including The Pirate Bay) is that a solution has been worked out. As reported earlier, BitTorrent’s developers and Pirate Bay founder Fredrik Neij drafted a protocol enhancement that allows website operators to prevent clients from connecting by adding a DNS entry.

The bad news is that the implementation of this enhancement in BitTorrent clients is progressing very slowly. But, progress is being made. Yesterday, Vuze became the first BitTorrent client to roll out the feature in a stable release.

Erdgeist, on whose work millions of BitTorrent users rely every day, hopes that other BitTorrent client developers will soon follow suit.

“For years the BitTorrent community has relied on trackers paid for by individuals from their own pockets, written in their spare time. Now it’s time for the community to show some consideration,” Erdgeist told TorrentFreak.

A real difference can be made when Transmission and BitTorrent Inc’s uTorrent and BitTorrent clients join Vuze. BitTorrent Inc, who helped to come up with the solution, have implemented the DNS preferences in the latest Alpha release of uTorrent and promised that the stable release will follow in the future.

In the meantime, BitTorrent uploaders (and site owners) may want to educate themselves on which URLs actually point to a BitTorrent tracker, and which ones do not.

Tagged in: ,

Share this post

Share on Google+

You May Also Like

c There are 54 comments. Add yours?

comment policy