U.S. agency warns that hackers are going after Citrix networking gear

Dec 13 (Reuters) - A hacking group named APT5, which is suspected to be Chinese, has exploited a vulnerability in networking gear from U.S. technology company Citrix Systems Inc to spy on targets.

A U.S. National Security Agency advisory on Tuesday reported the activity and requested that victims who discover additional evidence of an attack reach out to the NSA's Cybersecurity Collaboration Center, a unique division of the spy agency opened in 2021 with the mission of public-private sector collaboration.

Citrix in a blog post said it was "aware of a small number of targeted attacks in the wild using this vulnerability." The company has already released a fix for the vulnerability that customers can download.

The NSA alert did not say that APT5 is Chinese, but private sector security researchers have reported this suspected link previously.

APT5 is known for breaking into telecommunications providers as well as government organizations, satellite and other technology companies. Historically, the hackers have conducted operations across Southeast Asia and Europe in addition to the United States.

China's embassy in Washington did not immediately respond to a request for comment.

Reporting by Christopher Bing; Editing by Leslie Adler and Cynthia Osterman

Our Standards: The Thomson Reuters Trust Principles.

Thomson Reuters

Award-winning reporter covering the intersection between technology and national security with a focus on how the evolving cybersecurity landscape affects government and business.