Citrix faces DDoS cyberattack, impacting customers

Desktop virtualization company Citrix has faced a distributed denial of service (DDoS) cyberattack impacting some of its customers.
Citrix for enterprise technologyCitrix said it is investigating the impact of the cyber attack on its application delivery controller (ADC) devices.

Citrix ADC is the most comprehensive application delivery and load balancing solution for application security and holistic visibility.

“Citrix is aware of a DDoS attack pattern impacting Citrix ADCs. As part of this attack, an attacker or bots can overwhelm the Citrix ADC DTLS (Datagram Transport Layer Security) network throughput, leading to outbound bandwidth exhaustion,” Citrix said in its threat update.

The company promised to release a fix in mid-January 2020.

Citrix is working on a feature enhancement in DTLS to eliminate the susceptibility to this attack. Citrix expects to have this enhancement available on the Citrix downloads page for all supported versions on Jan 12, 2021.

Customers who are impacted by this attack can disable DTLS temporarily to stop an attack and eliminate the susceptibility to the attack.

The effect of this attack appears to be more prominent on connections with limited bandwidth.

Victims of these Citrix-based DDoS attacks have mostly included online gaming services, such as Steam and Xbox, according to media reports.

The first of these attacks were detected and documented by German IT systems administrator Marco Hofmann.

Citrix, which reported $767 million revenue during the third quarter of 2020, said that the scope of attack is limited to a small number of customers around the world.

There are no known Citrix vulnerabilities associated with this cyber security issue. If the Citrix Security Response Team discovers that a product is vulnerable to DDoS attacks because of a defect in Citrix software, information about affected products will be published as a security bulletin, the company said.