Citrix hit by 'altruistic' Russian hacker w0rm

W0rm has a history of flagging up weaknesses in big networks

Click to follow
The Independent Online

One of the biggest computing companies in the world has been hacked.

Citrix, a US cloud computing company that serves 330,000 organisations worldwide, was hit by Russian hackers known as w0rm in October.

W0rm has previously been named as the source of attacks on the BBC, CNET, Adobe and Bank of America. Citrix did not respond to requests for comment.

The hack was spotted by CyberInt, a cyber security company, which said it shows that even cutting-edge IT companies are not immune from attack.

W0rm has a history of flagging up weaknesses in big networks. Two years ago it offered to sell stolen data from the Wall Street Journal, Vice and the website CNET online for 1 bitcoin. 

It told CNET at the time that its goals were altruistic, to raise awareness of security flaws. 

“The truly disturbing thing about this incident is that it shows how easily even very reputable external IT contractors, on whom companies rely to protect their data in the cloud, are vulnerable,” said Elad-Ben Meir, at CyberInt.

Hackers are not always so kind. 

In December, half of the homes in Ukraine's Ivano-Frankivsk region were left without power for several hours. A local report that attributed the blackout to a virus that disconnected electrical substations from the grid.

Experts said those attacks were the work of a group dubbed “Sandworm”. In a 2014 report, cyber intelligent company iSight said the group was targeting NATO, energy sector firms and U.S. academic institutions as well as government organizations in Ukraine, Poland  and Western Europe.

Hackers were also behind huge consumer data breaches at JD Wetherspoon and TalkTalk in 2015.