New BitTorrent flaw lets cyber crooks get into users' PCs

Attackers are tapping into a new proof-of-concept hacking technique.

Security researchers have found a 'critical flaw' in the Transmission BitTorrent app, which gives cyber crooks complete control of users' computers, according to IBTimes.

According to Google's Project Zero, hackers are tapping into a new vulnerability in the app's design to distribute malicious code on unsuspecting users' computers.

Technologists working at Project Zero have warned BitTorrent clients that they could fall victim to devastating attacks if hackers successfully leverage the flaw.

Tavis Ormandy, a researcher at the organisation, said this is a proof-of-concept attack that capitalises on flaws within certain Transmission functions.

Ormandy explained that hackers are utilising a Transmission function that allows the app to be controlled from a web browser, and that they're using a technique called 'domain name system (DNS) rebinding'.

With it, attackers are able to gain control of the Transmission interface once users access dodgy websites. They're targeting Chrome and Firefox browsers on Windows and Linux systems.

Writing on Twitter, Ormandy said this is "[the] first of a few remote code execution flaws in various popular torrent clients". Before publishing details of this attack, Google Project Zero reached out to Transmission, which has since released a patch.

However, Google made these details public after 40 days, which is unusual for the organisation. Usually, it can take up to 90 days before it releases such information, and unless the developer releases a patch to deal with security vulnerabilities, this process can take even longer. While Transmission was quick in responding to the vulnerability, many developers have apparently not implemented the patch yet.

In a public post, Ormandy explained: "I'm finding it frustrating that the Transmission developers are not responding on their private security list, I suggested moving this into the open so that distributions can apply the patch independently. I suspect they won't reply, but let's see.

"I've never had an open source project take this long to fix a vulnerability before, so I usually don't even mention the 90-day limit if the vulnerability is in an open source project.

"I would say the average response time is measured in hours rather than months if we're talking about open source."