uTorrent security bug easy fix and media reaction
  • By default utorrent Classic creates a JSON RPC server on port 10000, it's not clear to me that this was intentionally exposed to the web, as many endpoints crash or interfere with the UI. Here are some example actions that websites can take:

    http://lock.cmpxchg8b.com/utorrent-crash-test.html

    Nevertheless, browsing through the available endpoints I noticed that the /proxy/ handler is enabled and exposed by default, and allows any website to enumerate and copy any files you've downloaded. To be clear, any website you visit can read and copy every torrent you've downloaded. This works with the default configuration.

    In short: uTorrent improperly keeps the RPC port open and listening even when remote control and the Web UI are turned off. But even so, you need to open some malicious web page, and it is not fully clear what it can do beyond crashing the client.

    In reality the fix takes 30 seconds and works even for the most popular old version, 2.2.1.

    You only need to change one setting in Advanced settings:

    image

    It shuts down listening on the RPC port, so all is OK.

    And here is the media reaction:
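    One way to confirm the setting actually took effect, as an added example (not code from this post or from uTorrent): a small Python check that reports whether anything still accepts TCP connections on port 10000 on the loopback addresses. The port number is the one quoted from the bug report above; the throwaway listener at the bottom is constructed only so the check can be exercised without uTorrent running, and the Windows `netstat -an` output is an equally valid way to look for a `LISTENING` entry on that port.

```python
import socket


def is_port_listening(host: str, port: int, timeout: float = 1.0) -> bool:
    """Return True if something accepts a TCP connection on host:port.

    A refused connection (nothing listening) or an unreachable address
    (e.g. no IPv6 loopback) both count as "not listening".
    """
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def rpc_port_status(port: int = 10000) -> dict:
    """Check both loopback addresses for a listener on the RPC port.

    After the Advanced setting has been changed and uTorrent restarted,
    every value in the returned dict should be False.
    """
    return {host: is_port_listening(host, port) for host in ("127.0.0.1", "::1")}


def start_dummy_listener(port: int = 0) -> socket.socket:
    """Constructed stand-in for the RPC server, used only to exercise the check.

    port=0 asks the OS for a free ephemeral port so the example never
    collides with a real uTorrent instance; read it back via getsockname().
    """
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind(("127.0.0.1", port))
    srv.listen(1)
    return srv


if __name__ == "__main__":
    for host, listening in rpc_port_status().items():
        state = "STILL LISTENING - setting not applied?" if listening else "closed"
        print(f"{host}:10000 -> {state}")
```

    Run it after restarting uTorrent; a `STILL LISTENING` line means the RPC server is still reachable from the browser on this machine, so the setting did not take effect (or another instance is running).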

    image
