Citrix Hardware Pwned By Hackers Leveraging Them For DDoS Attacks

Merry Christmas. At least for all but those companies who own Citrix hardware. Bad actors have discovered a way to bounce and amplify junk web traffic against Citrix ADC networking equipment to launch DDoS attacks

While details about the attackers are still unknown, victims of these Citrix-based DDoS attacks have mostly included online gaming services, such as Steam and Xbox, sources have told ZDNet earlier today. The first of these attacks have been detected last week and documented by German IT systems administrator Marco Hofmann. Hofmann tracked the issue to the DTLS interface on Citrix ADC devices. DTLS, or Datagram Transport Layer Security, is a more version of the TLS protocol implemented on the stream-friendly UDP transfer protocol, rather than the more reliable TCP. Just like all UDP-based protocols, DTLS is spoofable and can be used as a DDoS amplification vector.

Citrix has confirmed the issue and they say that they will fix it before the new year. Meaning a fair number of Citrix employees will be working overtime this holiday season. Which means that once this fix becomes available, those who own this gear should install it ASAP.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: