JAKARTA - The United States (US)-based network and software company Citrix is a victim of hackers backed by the Chinese government. They take advantage of zero-day vulnerabilities.
According to the US National Security Agency (NSA), the vulnerability comes from two Citrix network products that are widely used to gain access to targeted networks.
The vulnerability was tracked as CVE-2022-27518, affecting Citrix ADC, app delivery controller, and Citrix Gateway, a remote access tool and both popular on the company's network.
The hackers who came from China with the nickname APT5, it is known that the NSA is targeting Citrix ADC to enter the organization without having to steal credentials first.
With this vulnerability, hackers can run malicious codes remotely on vulnerable devices, not even passwords.
Currently, Citrix said the weakness was being actively exploited by the Chinese hacker, "We are aware of a small number of targeted attacks in the wild using this vulnerability," said Citrix's head of security and trust at Peter Lefkowitz.
In its official blog post, Citrix stated that exploitation of this vulnerability has been reported. However, the company has not determined which industries are the target of the organization or how much has been compromised.
Even so, quoted by TechCrunch, Monday, December 19, Citrix launched an emergency patch for vulnerabilities last week and urged customers using build Citrix ADC and Citrix Gateway to immediately install updates.
APT5 has been active since at least 2007, mostly carrying out cyber espionage campaigns, and has a history of targeting tech companies, including those building military applications and regional telecommunications providers.
Last year, APT5 exploited a zero-day vulnerability at Pulse Secure VPN, another network product that hackers often target to penetrate US networks involved in defense research and development.
The English, Chinese, Japanese, Arabic, and French versions are automatically generated by the AI. So there may still be inaccuracies in translating, please always see Indonesian as our main language. (system supported by DigitalSiber.id)