BitTorrent trackers are no strangers to Distributed Denial of Service (DDoS) attacks. Pretty much all sites of a respectable size are targeted on occasion by unknown sources.
In most cases these attacks don’t last too long, but every now and then they get more serious. For example, in recent weeks several French torrent sites have had to deal with a serious flood of unwanted connections, rendering the sites and trackers in question unavailable.
The Morocco-based provider Genious Communications hosts several of the affected torrent sites, including smartorrent.com and cpasbien.pe. To find out more TorrentFreak contacted CEO Hamza Aboulfeth, who told us that the attacks come in all shapes and sizes.
“The biggest attack was on smartorrent.com where we had over 30 Gbit/s which gave us no choice but nullroute the IP at the moment of the attack,” Aboulfeth says.
The attacks range from common HTTP floods to UDP and SYN flood attacks and huge botnets. As a result, Genious has migrated several clients over to a specialized DDoS protection setup.
“We have our own professional DDoS protection system so we had to move some of our clients to it, the rest just moved to Cloudflare where they offer decent protection for a reasonable price,” Aboulfeth says.
The biggest challenge is to mitigate the attacks on trackers as these are not dealing with regular HTTP requests, but so far the company has managed to take the edge off the assaults.
The attacks started a few weeks ago and have been continuing ever since at varying intensities. They are all targeted at several of Genious Communications’ file-sharing related clients, but the identities of the individuals behind them remains a mystery.
Aboulfeth hasn’t heard of any cash demands, which excludes the extortion scheme several other sites were subjected to earlier this year. According to the CEO, it’s most likely that competitors or an anti-piracy group are behind the attacks.
“I think the attacks are most likely coming from competitors or some copyright agency,” Aboulfeth says.
“One common thing is they are all French torrent websites, and I know for a fact that I have been contacted by someone hosted somewhere else claiming that one of our clients is attacking him, and of course my client is denying that,” he adds.
In the long term the sites have no other option than to make sure that they can cope with the DDoS attacks. In most cases they eventually pass, without their victims ever knowing what their purpose was.