Security News > 2020 > December > Attackers Abusing Citrix NetScaler Devices to Launch Amplified DDoS Attacks

Citrix has issued an emergency advisory warning its customers of a security issue affecting its NetScaler application delivery controller devices that attackers are abusing to launch amplified distributed denial-of-service attacks against several targets.

The desktop virtualization and networking service provider said it's monitoring the incident and is continuing to investigate its impact on Citrix ADC, adding "The attack is limited to a small number of customers around the world."

The issue came to light after multiple reports of a DDoS amplify attack over UDP/443 against Citrix Gateway devices at least since December 19, according to Marco Hofmann, an IT administrator for a German software firm ANAXCO GmbH. Datagram Transport Layer Security or DTLS is based on the Transport Layer Security protocol that aims to provide secure communications in a way that's designed to thwart prevent eavesdropping, tampering, or message forgery.

To determine if a Citrix ADC equipment is targeted by the attack, Cisco recommends keeping an eye on the outbound traffic volume for any significant anomaly or spikes.

Customers impacted by the attack, in the meantime, can disable DTLS while a permanent fix from Citrix is pending by running the following command on the Citrix ADC: "Set vpn vserver -dtls OFF.".

News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/4DJfJATymo8/citrix-adc-ddos-attack.html