Critical bugs in uTorrent allow malicious websites to steal downloaded files and control your computer
Users will have to wait till an updated version is available. We would advise all you pirates out there to stop using the app till patches are in place.
Travis Ormandy, a researcher at Google Project Zero has discovered serious bugs in two versions of the popular BitTorrent program, uTorrent.
What is more concerning is the fact that these security issues are easy to exploit, allowing attackers access to downloaded files in addition to the ability to remotely execute code.
Executing code and accessing downloaded files is not the only thing that the hackers could do as these bugs also allow them to monitor and keep a track of all the downloads made by the user in the past. According to a report by TorrentFreak, the bugs allow any website to control key functions of the torrenting app, which includes the desktop version as well as the web version of uTorrent. The report goes on to point out the most glaring part of the security issue, where it can allow any malicious website to download harmful code into the startup folder of Windows. This means that the malicious code starts automatically when the user boots up their system.
First of a few remote code execution flaws in various popular torrent clients, here is a DNS rebinding vulnerability Transmission, resulting in arbitrary remote code execution. https://t.co/kAv9eWfXlG
— Tavis Ormandy (@taviso) January 11, 2018
uTorrent tried fixing the bug by adding patches, but it seems like the flaws can still be exploited. Users will have to wait till an updated version of the app is available. We would advise all you pirates out there to stop using the app until a new version is available.
Saudi Pro League clubs spent $875.4 million on new players from June 1 to September 1, still well behind the Premier League's $1.98 billion but just ahead of France's $859.7 million
Surprisingly, Matveev seems unbothered by the accusations and has even taunted the authorities. He recently created a T-shirt featuring his own wanted poster and asked his Twitter followers if they would like to buy it