qBittorrent Hijacked?

Linux specific questions, problems.

Post by ShakaZ »

Pretty weird stuff I noticed today.
Launching qBittorrent with 2 torrents with less than 10 sources.
It crashed at startup 3 times in a row. Checking in the System Monitor showed qbittorrent still running though no GUI was available.
Impossible to shut it down even from the command line. Kill believed no such process was running either by name or PID.
I use Mobloquer to do IP filtering based on blocklists, and it showed several attempted connections from blacklisted IPs while this was going on.

After a reboot, I've removed and reinstalled qbittorrent in case the binary had been tampered with.
Relaunching shows again many connection attempts to blacklisted IPs, most of which are from the Bogon list, which means IP ranges that haven't been attributed yet.

Those connections could be explained by the torrents which may be poisoned, but the crashing and the process running in the background and not being killable makes me wonder what happened and if qbittorrent or my whole system have been compromised.

EDIT: further testing and some googling reveals the situation is less alarming than I thought, though I'm still not comfortable with the unkillable background process thing.
So eventually tested launching qb with all torrents paused and then without any torrents at all. Both tests showed 2 bogon IPs still trying to connect.
224.0.0.2 : standard IP used for multicasting on local networks
239.255.255.250 : port 1900 (UDP) - standard IP used for UPnP
95.215.62.26 : tracker.openbittorrent.com (only with the paused torrents tests - not bogon, part of another blocklist, whitelisted now)
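Added example, not part of the original post: a small triage helper that sorts blocklist hits like the three addresses above into local multicast traffic versus real Internet hosts, using Python's standard `ipaddress` module. The log line format, the port on the tracker line, and the function names are assumptions made for this illustration; they are not Mobloquer's own format.

```python
import ipaddress

# Well-known IPv4 multicast ranges (RFC 5771 / RFC 2365).
LOCAL_CONTROL = ipaddress.ip_network("224.0.0.0/24")  # never forwarded off the local subnet
ADMIN_SCOPED = ipaddress.ip_network("239.0.0.0/8")    # administratively scoped
SSDP_GROUP = ipaddress.ip_address("239.255.255.250")  # UPnP discovery, UDP port 1900

def classify(addr, proto=None, port=None):
    """Return (category, internet_host) for one destination address."""
    ip = ipaddress.ip_address(addr)
    if ip.is_multicast:
        if ip == SSDP_GROUP and proto == "udp" and port == 1900:
            return "multicast/ssdp-upnp", False
        if ip.version == 4 and ip in LOCAL_CONTROL:
            return "multicast/local-subnet", False
        if ip.version == 4 and ip in ADMIN_SCOPED:
            return "multicast/admin-scoped", False
        return "multicast/other", False
    # Check reserved before private: newer Python versions also count
    # 240.0.0.0/4 as private, which would hide the more precise label.
    if ip.is_loopback:
        return "loopback", False
    if ip.is_link_local:
        return "link-local", False
    if ip.is_reserved:
        return "reserved", False
    if ip.is_private:
        return "private", False
    if ip.is_global:
        return "global-unicast", True
    return "other-special-purpose", False

def triage(lines):
    """Parse constructed 'proto ipv4[:port]' lines and classify each destination."""
    results = []
    for line in lines:
        proto, dest = line.split()
        host, _, port = dest.partition(":")  # IPv4-only sample format
        category, internet = classify(host, proto, int(port) if port else None)
        results.append((host, category, internet))
    return results

# Constructed sample built from the addresses in the post (ports partly assumed).
SAMPLE = ["udp 224.0.0.2", "udp 239.255.255.250:1900", "tcp 95.215.62.26:80"]

if __name__ == "__main__":
    for host, category, internet in triage(SAMPLE):
        print(f"{host:<18} {category:<24} internet host: {internet}")
```

Only entries flagged as an Internet host point at a remote machine; the multicast entries are traffic addressed to local network groups that a bogon blocklist also happens to cover.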