Hackers are selling access to 900 Citrix servers belonging to big corporations, banks and government


Hackers are selling access to 900 Citrix servers including XenMobile servers belonging to big companies worldwide

A few days back we had reported how Cross-Site Scripting (XSS) vulnerabilities were discovered in Citrix software which allowed remote hackers to take over the Citrix run servers. We had also reported a critical flaw in Citrix System’s XenMobile servers lets hackers steal confidential information. It seems that these vulnerabilities have been exploited in the wild by threat actors.

Hackers are selling access to as many as 900 Citrix servers on the dark web hacker forums. The list was first reported by Bank Security researchers who state that the listed Citrix servers include a U.S.-based cooperative bank, as well as government organizations, telecommunications and IT services companies around the world.

Citrix Systems servers power many big tech company websites around the world including many US companies. Citrix offers software solutions for virtualization, computer network construction, and cloud computing services, including open-source XenMobile servers. It is estimated that currently at least 230,000 organizations around the world use some of Citrix’s solutions.

Citrix has not commented on the latest data breach news. Bank Security has not given any further information about who made the listing or the sale price.

A week ago another hacker put an ad on the dark web hacker forums to sell a Citrix database that allegedly contained about 2 million records of the company’s customers. The database, identified as citrix_leads_vivo, was on sale for 2.15 Bitcoin (about $20,000 USD at the current exchange rate).


About Author

"The Internet is the first thing that humanity has built that humanity doesn't understand, the largest experiment in anarchy that we have ever had." Eric Schmidt

Notify of
Inline Feedbacks
View all comments