Citrix Confirms DDoS Attack Targeting ADC Networking Devices

Citrix alerted its customers to a vulnerability in its NetScaler application delivery controller (ADC) that malicious actors are abusing to launch amplified distributed denial-of-service (DDoS) attacks.

The reported DDoS attack pattern used Datagram Transport Layer Security (DTLS) as an amplification vector and affected ADC networking appliances with EDT enabled.

The attacks overwhelmed DTLS network throughput, exhausting outbound bandwidth and causing outages.

Users first observed the attack on December 21st and reported it as occurring over UDP/443 against Citrix (NetScaler) Gateway devices.

Citrix claimed that the scope of the attack was limited to a small number of customers around the world but did not disclose the exact number.

Online gaming services such as Steam and Xbox were affected by the initial attacks.

Citrix advised users of its ADC products to monitor outbound traffic volume for any significant anomalies or spikes.
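One way to act on that monitoring advice, as an added example that is not from Citrix or the original article: the script below scans per-minute flow summaries for UDP/443 and flags minutes where outbound bytes both dwarf inbound bytes and spike above the median baseline. The CSV layout, the function name and both thresholds are assumptions, and the sample records are constructed.

```python
import csv
import io
from collections import defaultdict
from statistics import median

# Constructed sample: per-minute flow summaries seen at the gateway.
# Columns (assumed layout): minute, protocol, gateway_port, bytes_in, bytes_out
SAMPLE_FLOWS = """\
12:00,udp,443,40000,52000
12:00,tcp,443,900000,2500000
12:01,udp,443,42000,50000
12:02,udp,443,39000,47000
12:03,udp,443,60000,2100000
12:04,udp,443,65000,2400000
12:05,udp,443,41000,51000
"""

def find_dtls_amplification(csv_text, ratio_threshold=5.0, spike_factor=3.0):
    """Return (minute, out/in ratio, bytes_out) for suspicious UDP/443 minutes.

    A minute is flagged only when outbound bytes exceed inbound bytes by
    ratio_threshold AND outbound volume is spike_factor times the median
    outbound volume, so ordinary asymmetric traffic is not reported.
    Both thresholds are illustrative and need tuning per environment.
    """
    totals = defaultdict(lambda: [0, 0])  # minute -> [bytes_in, bytes_out]
    for row in csv.reader(io.StringIO(csv_text)):
        if len(row) != 5:
            continue  # skip blank or malformed records
        minute, proto, port, b_in, b_out = row
        if proto.lower() != "udp" or port != "443":
            continue  # only the DTLS listener is of interest here
        totals[minute][0] += int(b_in)
        totals[minute][1] += int(b_out)
    if not totals:
        return []
    baseline = median(out for _, out in totals.values())
    flagged = []
    for minute in sorted(totals):
        b_in, b_out = totals[minute]
        ratio = b_out / b_in if b_in else float("inf")
        if b_out > 0 and ratio >= ratio_threshold and b_out >= spike_factor * baseline:
            flagged.append((minute, round(ratio, 1), b_out))
    return flagged

if __name__ == "__main__":
    for minute, ratio, b_out in find_dtls_amplification(SAMPLE_FLOWS):
        print(f"{minute} UDP/443 outbound spike: {b_out} bytes, out/in ratio {ratio}")
```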

Citrix added that it is working on a fix for the DTLS vulnerability to eliminate the susceptibility to DDoS attacks, which should be available by Jan. 12, 2021.


© Fourth Estate® — All Rights Reserved.