Flaw in Torrent Software Lets Hackers Take Over PCs
Return To ArticleGoogle’s security researcher at Project Zero discovered a serious remote code execution vulnerability in both the ‘μTorrent desktop app for Windows’ and newly launched ‘μTorrent Web’ that allows users to download and stream torrents directly into their web browser.
μTorrent Classic and μTorrent Web apps run in the background on the Windows machine and start a locally hosted HTTP RPC server on ports 10000 and 19575, respectively, using which users can access its interfaces over any web browser.
However, Project Zero researcher Tavis Ormandy found that several issues with these RPC servers could allow remote attackers to take control of the torrent download software with little user interaction.
According to Ormandy, uTorrent apps are vulnerable to a hacking technique called the “domain name system rebinding” that could allow any malicious website a user visits to execute malicious code on user’s computer remotely.
