uTorrent Client Affected by Some Pretty Severe Security Flaws (patches available)

LASER_oneXM

LASER_oneXM

Level 37
Thread author
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
A Google security researcher has found multiple security flaws affecting the uTorrent web and desktop client that allow an attacker to infect a victim with malware or collect data on the users' past downloads.

The vulnerabilities have been discovered by Google Project Zero security researcher Tavis Ormandy, and they impact uTorrent Web, a new web-based version of the uTorrent BitTorrent client, and uTorrent Classic, the old uTorrent client that most people know.

Attacks rely on luring victims on malicious websites
Ormandy says that both uTorrent clients are exposing an RPC server —on port 10000 (uTorrent Classic) and 19575 (uTorrent Web).

The expert says that attackers can hide commands inside web pages that interact with this open RPC server. The attacker only needs to trick a user with a vulnerable uTorrent client to access a malicious web page.

Furthermore, the uTorrent clients are also vulnerable to DNS rebinding —a vulnerability that allows the attacker to legitimize his requests to the RPC server.
Click to expand...

uTorrent Web impacted the most
The most impacted by these flaws is uTorrent Web, where Ormandy says that an attacker can:

- obtain the RPC server's "authentication secret" to "gain complete control of the [RPC] service," and inherently over the uTorrent Web client.
- download malware on the user's computer.
- change the default downloads folder location (for example to the /Startup folder so anything the attacker downloads is automatically executed at the next boot-up).

Ormandy also believes he could retrieve other data from the uTorrent Web client, but since he obtained a full compromise of the client from the get-go, he did not investigate further.
Click to expand...
Some patches are available
BitTorrent, Inc., the company behind uTorrent, has released version 3.5.3 Beta for the uTorrent Classic client to address the issues, which is expected to reach the stable branch in the coming days. A timeline for the uTorrent Web fixes is not available. Bleeping Computer has reached out to the company for an ETA.

This is not the first time that Ormandy has found bugs in BitTorrent, Inc. applications. He also found a similar RPC server and DNS rebinding flaw in the Transmission client as well.
Click to expand...
 
  • Like
Reactions: spaceoctopus, Deletedmessiah, Faybert and 3 others
You must log in or register to reply here.

Similar threads

Gandalf_The_Grey
    • Like
    • +Reputation
Numerous Lexmark Printers affected by critical security issues
Replies
0
Views
629
News Archive
Gandalf_The_Grey
Gandalf_The_Grey
Gandalf_The_Grey
    • Like
    • Applause
    • +Reputation
APC warns of critical unauthenticated RCE flaws in UPS software
Replies
0
Views
1,377
News Archive
Gandalf_The_Grey
Gandalf_The_Grey
vtqhtr413
    • Wow
    • +Reputation
Security News IT consultant fined for exposing shoddy security
Replies
0
Views
1,170
Security News
vtqhtr413
vtqhtr413

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top