Merry Christmas, at least to everyone except the companies that own Citrix hardware. Bad actors have discovered a way to bounce and amplify junk web traffic against Citrix ADC networking equipment to launch DDoS attacks.
While details about the attackers are still unknown, victims of these Citrix-based DDoS attacks have mostly included online gaming services, such as Steam and Xbox, sources told ZDNet earlier today. The first of these attacks were detected last week and documented by German IT systems administrator Marco Hofmann. Hofmann tracked the issue to the DTLS interface on Citrix ADC devices. DTLS, or Datagram Transport Layer Security, is a version of the TLS protocol implemented on the stream-friendly UDP transfer protocol, rather than the more reliable TCP. Just like all UDP-based protocols, DTLS is spoofable and can be used as a DDoS amplification vector.
Citrix has confirmed the issue and says it will fix it before the new year, meaning a fair number of Citrix employees will be working overtime this holiday season. Once this fix becomes available, those who own this gear should install it ASAP.
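A defender-side check for the pattern described above, as an added example that is not from the original post: it totals UDP bytes to and from a DTLS listener per remote address and flags peers that received many times more than they sent. The flow CSV layout, the addresses, UDP port 443 and the thresholds are assumptions made for illustration.

```python
import csv
import io
from collections import defaultdict

# Constructed flow records (not from the original post). Addresses are from
# the RFC 5737 documentation ranges; 192.0.2.10 stands in for the ADC.
SAMPLE_FLOWS = """\
proto,src_ip,src_port,dst_ip,dst_port,bytes
udp,198.51.100.7,40000,192.0.2.10,443,4200
udp,192.0.2.10,443,198.51.100.7,40000,145000
udp,203.0.113.5,51000,192.0.2.10,443,52000
udp,192.0.2.10,443,203.0.113.5,51000,61000
udp,203.0.113.9,53211,192.0.2.10,443,900
udp,192.0.2.10,443,203.0.113.9,53211,2100
tcp,203.0.113.5,51001,192.0.2.10,443,8000
tcp,192.0.2.10,443,203.0.113.5,51001,900000
"""


def find_reflection_peers(flow_csv, listener_ip, listener_port=443,
                          min_ratio=10.0, min_bytes_out=50_000):
    """Return (peer, bytes_in, bytes_out, ratio) for each remote peer that
    received far more UDP bytes from the listener than it sent to it."""
    bytes_in = defaultdict(int)    # peer -> bytes sent to the listener
    bytes_out = defaultdict(int)   # peer -> bytes the listener sent back
    for row in csv.DictReader(io.StringIO(flow_csv)):
        if row["proto"].lower() != "udp":
            continue  # only UDP can be reflected via a spoofed source
        size = int(row["bytes"])
        if (row["dst_ip"], int(row["dst_port"])) == (listener_ip, listener_port):
            bytes_in[row["src_ip"]] += size
        elif (row["src_ip"], int(row["src_port"])) == (listener_ip, listener_port):
            bytes_out[row["dst_ip"]] += size
    hits = []
    for peer, out in bytes_out.items():
        if out < min_bytes_out:
            continue  # too little traffic to matter; avoids noisy ratios
        ratio = out / max(bytes_in[peer], 1)  # no inbound seen: divide by 1
        if ratio >= min_ratio:
            hits.append((peer, bytes_in[peer], out, round(ratio, 1)))
    return sorted(hits, key=lambda h: h[3], reverse=True)


if __name__ == "__main__":
    for peer, b_in, b_out, ratio in find_reflection_peers(SAMPLE_FLOWS, "192.0.2.10"):
        print(f"{peer}: in={b_in} out={b_out} ratio={ratio}x")
```

A flagged address is most likely the target of the reflected traffic rather than its sender, since the requests that triggered the replies carried a spoofed source.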
This entry was posted on December 25, 2020 at 4:34 pm and is filed under Commentary with tags Citrix.
Citrix Hardware Pwned By Hackers Leveraging Them For DDoS Attacks