Prolexic said many of the recent attacks exploited DC++, an open source peer-to-peer client for Windows machines that uses the Direct Connect file-sharing protocol. On their blog, the developers of DC++ acknowledge that the software is being used in DDoS attacks and note that recent updates have addressed the security holes.
“Unfortunately, we need to come to a grip that no matter how much protection we add to new hubs and clients, there will always be those who are using old versions of their client or hub of choice, which is exactly how people exploit DC,” wrote Fredrik Ullner. “They are taking advantage of people’s resistance of upgrading.”
Last year, researchers detailed weaknesses in several widely used P2P infrastructures. A team from Brooklyn Polytechnic University found that the OverNet P2P protocol could allow networks to be manipulated to launch DDoS attacks. OverNet was used in the eDonkey peer-to-peer software, which has fallen off in usage since the eDonkey web site was taken over by the Recording Industry Association of America (RIAA) as part of a legal settlement. Reports of DDoS weaknesses in the Gnutella network emerged as early as 2002. Last year, the team of Elias Athanasopoulos, Kostas G. Anagnostakis and Evangelos P. Markatos confirmed those findings in more recent versions and offered defense strategies.