[ March 12, 2019 ]
Popular enterprise software company Citrix that provides services to the U.S. military, the FBI, many U.S. corporations, and various U.S. government agencies disclosed last weekend a massive data breach of its internal network by “international cyber criminals.”
Citrix said it was warned by the FBI on Wednesday of foreign hackers compromising its IT systems and stealing “business documents,” adding that the company does not know precisely which documents the hackers obtained nor how they got in.
However, the FBI believes that the miscreants likely used a “password spraying” attack where the attackers guessed weak passwords to gain an early foothold in the company’s network in order to launch more extensive attacks.
Resecurity said the Iranian-backed IRIDIUM hacker group hit Citrix in December last year and again on Monday (March 4th) and stole at least 6 terabytes of sensitive internal files, including emails, blueprints, and other documents.
IRIDIUM is an Iranian-linked hacking group that was also behind recent cyber attacks against more than 200 government agencies worldwide, oil and gas companies, technology companies and other targets.