Detecting vulnerabilities in BitTorrent applications allows hackers to control user computers
A serious flaw in the BitTorrent application of Transmission was discovered by Tavis Ormandy, a leading security expert at Google. If successfully exploited, hackers can take full control of computers running Linux or Windows.
A serious flaw in the BitTorrent application of Transmission was discovered by Tavis Ormandy, a leading security expert at Google. If successfully exploited, hackers can take full control of computers running Linux or Windows.
The Ormandy said hackers could exploit the vulnerability (CVE-2018-5702) to take full control of the application through the website.
Ormandy published the document to explain how the vulnerability works on Chrome and Firefox browsers on computers with Linux or Windows operating systems. This security expert also warns that if users of other platforms such as macOS enable remote access, it is also likely to be affected by this vulnerability.
Some users use a torrent downloader without a password, so hackers can use the domain recovery method to attack a device and control it remotely.
In addition, hackers can take advantage of the vulnerability to change the torent's downloaded file directory and run any command when the application finishes downloading a file.
According to Ormandy, this is one of the first vulnerabilities that allows remote code execution to affect the popular torrent download program.
Ormandy and his team Google's Project Zero reported to Transmission about this serious vulnerability with a patch on November 30, 2017, but so far the company has not responded. Therefore, the security experts group had to publicly disclose their findings.
Your device is in danger of being attacked if you use Torrents to download files from the internet. Therefore, you need to immediately turn off the remote access feature.
You can visit the following link to find out more details about the vulnerability in the BitTorrent application of Transmission.
To fix this, users need to update the security patch immediately when there is information from the provider as well as turn off the feature to allow remote access. While waiting for an update, users should remove or restrict the use of BitTorrent to download the file.
See more:
- The new vulnerability on Intel allows hackers to take control of your computer within 30 seconds
- It turns out this is how hackers attack your computer through the main screen
- Former NSA hacker turned Kaspersky antivirus software into a spy tool
You should read it
- The Mail app on iOS has serious vulnerabilities
- Link download BitTorrent 7.10.5.45785
- Detecting zero-day vulnerabilities in Internet Explorer helps hackers gain control of the computer
- Security vulnerabilities - basic insights
- The new vulnerability on Intel allows hackers to take control of your computer within 30 seconds
- Detects 'long-standing' security vulnerabilities in Microsoft Office
- Android apps used by the US military in combat have security holes
- The new zero-day vulnerability on Windows 10 helps hackers take control of the computer
- Many serious vulnerabilities have been discovered that allow attackers to take full control of the 4G router
- BitTorrent for beginners: instructions for downloading torrent
- How to use BitTorrent software to download movies and games
- Find security holes on every site with Nikto
Maybe you are interested
Instructions to turn off the Spotify Canvas feature How to add wallpapers to the Debian 10 terminal The number of malware on Macs is nearly double that of Windows Dell Latitude 9510 officially launched: 5G support, up to 30 hours of battery life Description of the P2P-Worm.Win32.BlackControl.g template Install 'sirens' for Windows with Predator