Citrix hit by DDoS cyberattack, says repair work

New Delhi, December 25 (IANS): The head of desktop virtualization, Citrix, admitted he was hit by a Distributed Denial of Service (DDoS) cyber attack, saying the company is continuing to investigate the impact of the attack on application delivery controller (ADC) devices.

The Citrix ADC is the most comprehensive application delivery and load balancing solution for application security and holistic visibility.

“Citrix is ​​aware of a pattern of DDoS attacks affecting Citrix ADCs. As part of this attack, an attacker or bots can overcome the bandwidth of the Citrix ADC DTLS (Datagram Transport Layer Security) network, which could potentially deplete the output bandwidth range,” she said. is a company in. its threat update.

The company promised to announce the repair in mid-January 2020.

“Citrix is ​​working to improve features in DTLS to eliminate susceptibility to this attack. Citrix expects this improvement to be available on the Citrix download page for all supported versions on January 12, 2021,” the company said.

Users affected by this attack can temporarily disable DTLS to stop the attack and eliminate susceptibility to the attack, it added.

The effect of this attack appears to be more pronounced on links with limited bandwidth.

According to ZDNet, the victims of these Citrix-based DDoS attacks mainly include online gaming services such as Steam and Xbox.

The first of these attacks was discovered and documented by German IT system administrator Marco Hofmann.

Citrox said that at the moment, the scope of the attack is limited to a small number of customers around the world.

“There are no known Citrix vulnerabilities associated with this event. If the Citrix Security Response team discovers that a product is vulnerable to DDoS attacks due to a malfunction in the Citrix software, information about the affected products will be released as a security bulletin,” he noted. .

Source