Citrix hit by DDoS cyberattack, says working on a fix


New Delhi, Dec 25 (IANS): Desktop virtualisation leader Citrix has admitted being hit by a distributed denial of service (DDoS) cyberattack, saying the company is continuing to investigate the impact the attack poses on its application delivery controller (ADC) devices.

Citrix ADC is the most comprehensive application delivery and load balancing solution for application security and holistic visibility.

"Citrix is aware of a DDoS attack pattern impacting Citrix ADCs. As part of this attack, an attacker or bots can overwhelm the Citrix ADC DTLS (Datagram Transport Layer Security) network throughput, potentially leading to outbound bandwidth exhaustion," the company said in its threat update.

The company promised to release a fix in mid-January 2020.

"Citrix is working on a feature enhancement in DTLS to eliminate the susceptibility to this attack. Citrix expects to have this enhancement available on the Citrix downloads page for all supported versions on Jan 12, 2021," the company said.

Customers who are impacted by this attack can disable DTLS temporarily to stop an attack and eliminate the susceptibility to the attack, it added.

The effect of this attack appears to be more prominent on connections with limited bandwidth.

According to ZDNet, victims of these Citrix-based DDoS attacks have mostly included online gaming services, such as Steam and Xbox.

The first of these attacks were detected and documented by German IT systems administrator Marco Hofmann.

Citrox said that at this time, the scope of attack is limited to a small number of customers around the world.

"There are no known Citrix vulnerabilities associated with this event. If the Citrix Security Response Team discovers that a product is vulnerable to DDoS attacks because of a defect in Citrix software, information about affected products will be published as a security bulletin," it noted.

  

Top Stories


Leave a Comment

Title: Citrix hit by DDoS cyberattack, says working on a fix



You have 2000 characters left.

Disclaimer:

Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. Daijiworld.com will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will Daijiworld.com be held responsible.