<div style="margin:20px 0 0 200px"> To view the site, enable JavaScript by changing your browser options, then <a href="">Try Again</a>.</div>

Severe flaw in µTorrent can let hackers to control your PC remotely

Severe flaw in µTorrent can let hackers to control your PC remotely
28 Feb, 2018

World's most popular torrent download software µTorrent has been detected with multiple security flaws. If you have this software installed on your computer, it's time to download its latest version for windows as soon as possible.

The serious remote code execution vulnerability that lets attackers intrude into a user's computer is discovered by Google's security researcher Tavis Ormandy in both µTorrent classic version and the newly launched µTorrent Web version.

According to Ormandy's report, "By default, µTorrent create an HTTP RPC server on port 10000 (µTorrent classic) or 19575 (µTorrent web). There are numerous problems with these RPC servers that can be exploited by any website using XMLHttpRequest(). To be clear, visiting *any* website is enough to compromise these applications." So, the flaws in RPC servers could allow any remote attackers to take control of the Torrent download software with little user interaction.

Through "domain name system rebinding", a hacking technique, hackers could potentially execute remote code, download malware to system's startup folder, launch malware on reboot, access downloaded files, as well as track user's download history, said Ormandy. To execute DNS rebinding attack, one can simply create a malicious website with a DNS name that resolves to the local IP address of the computer running a vulnerable µTorrent app.

Ormandy mentioned that there is one exploit for µTorrent web and two for µTorrent Desktop. Though the exploit affects all unpatched versions, it primarily affects the newly launched µTorrent web as it has a severe remote code execution bug. To report the security flaw, Ormandy reached out to BitTorrent in November last year. Google's Project Zero allows developers to fix the security flaws within 90days. The deadline was creeping up but BitTorrent remained silent. Recently, Ormandy again reached out to BitTorrent Inc's Bram Cohen, fearing that the company might not fix the vulnerability in time.

Ormandy being the security researcher from Google might have expected a more swift response, the issue was not ignored completely. He believes he could retrieve other data from the µTorrent Web client but since he obtained a full compromise of the client from the get-go, he did not investigate further.

Meanwhile, BitTorrent has rolled out a ‘patch' in the latest Beta release. It has released version 3.5.3 Beta for the µTorrent Classic client to address the issues, which is expected to reach the stable branch in the coming days. The patched version of the µTorrent web is v0.12.0.502.

In an official statement, the company said, "Our fix is complete and is available in the most recent beta release (build 3.5.3.44352 released on 16 Feb 2018). This week, we will begin to deliver it to our installed base of users. All users will be updated with the fix automatically over the following days. The nature of the exploit is such that an attacker could craft a URL that would cause actions to trigger the client without the user's consent (e.g. adding a torrent)."

However, Ormandy expressed his displeasure with the response because according to him, BitTorrent just added a second token to µTorrent Web which does not solve the issue. It will only take one visit to a targeted website to trigger a hack. In order to stay safe, users are advised to upgrade the latest beta release or disable µTorrent for now.

Read Other Articles

Read All Articles »
Quick look at the 10 facts you need to know about the latest Facebook hack
Quick look at the 10 facts you need to know about the latest Facebook hack
Read Details »
Top certifications in cyber security industry
Top certifications in cyber security industry
Read Details »
Android Pie is here! Let's enjoy a slice
Android Pie is here! Let's enjoy a slice>
Read Details »
Building a career in IoT: A thorough guide
Building a career in IoT: A thorough guide
Read Details »
The mystery of UIDAI : Who & Why!! Is it a threat? A detailed discussion
The mystery of UIDAI : Who & Why!! Is it a threat? A detailed discussion
Read Details »
Top 5 cyber security jobs in the age of Cyber Disruption
Top 5 cyber security jobs in the age of Cyber Disruption
Read Details »
Top Cyber Security trends of 2018
Top Cyber Security trends of 2018
Read Details »
A severe vulnerability in Signal desktop app allowing hackers to steal chats in plaintext without any user interaction
A severe vulnerability in Signal desktop app allowing hackers to steal chats in plaintext without any user interaction
Read Details »
Cambridge Analytica and Facebook Controversy: What happened so far?
Cambridge Analytica and Facebook Controversy: What happened so far?
Read Details »
Equifax identifies an additional 2.4 million U.S. consumers affected by the massive data breach of 2017
Equifax identifies an additional 2.4 million U.S. consumers affected by the massive data breach of 2017
Read Details »
Cyber Criminals are turning into Cryptominers, Dominating Cyber Threat Landscape
Cyber Criminals are turning into Cryptominers, Dominating Cyber Threat Landscape
Read Details »
Android Banking Trojan targets over 232 banking apps, including Indian banks
Android Banking Trojan targets over 232 banking apps, including Indian banks
Read Details »
Private end-to-end encrypted Whatsapp group chats are not secured anymore!
Private end-to-end encrypted Whatsapp group chats are not secured anymore!
Read Details »
Top Cyber Attacks In 2017
Top Cyber Attacks In 2017
Read Details »
>
<

Hacking Tools

Explore All Hacking Tools »
UFTP - UDP based FTP with encryption
UDP based FTP with encryption

UFTP is an encrypted multicast file transfer program for secure, reliable & efficient transfer of files. It also helps in data distribution over a satellite link.

Read Details

Breaking News

Breaking News Of Each Month »
ATMs turn into Jackpot machines!
ATMs turn into Jackpot machines!

At least six attacks have taken place within the last week. They ranged in location from the Pacific Northwest to the Gulf region to New England. Thieves have stolen over $1 million in attacks so far.

Read Details