600+ FortiGate Devices Hacked by AI-Armed Amateur - Dark Reading
Dark Reading
Archived May 07, 2026
A Russian-speaking hacker used generative AI to compromise the FortiGate firewalls, targeting credentials and backups for possible follow-on ransomware attacks.
Alexander Culafi, Senior News Writer, Dark Reading
February 23, 2026
4 Min Read
A financially motivated threat actor with little technical know-how used generative AI (GenAI) to breach hundreds of FortiGate instances at scale. While this showcases how AI can scale workflows to support threat actors, it also shows how GenAI is lowering the technical bar for attackers.
A Russian-speaking, financially motivated cyber threat actor used otherwise legitimate GenAI services to compromise more than 600 instances of Fortinet's FortiGate firewall, according to Amazon Web Services. Researchers detected the compromises between January and February, finding that the devices were located in more than 55 countries, with concentrations noted across South Asia, Latin America, the Caribbean, West Africa, Northern Europe, and beyond.
Perhaps most notably, "no exploitation of FortiGate vulnerabilities was observed — instead, this campaign succeeded by exploiting exposed management ports and weak credentials with single-factor authentication, fundamental security gaps that AI helped an unsophisticated actor exploit at scale," according to a blog post detailing the activity.
This is by no means an isolated incident: ReliaQuest previously reported that the vast majority of ransomware-as-a-service actors are using AI tools to help automate threat activity. Cyberattackers are also using modern AI technology to conduct reconnaissance, scale social engineering campaigns involving tactics like phishing, and much more.
Unsophisticated Actor Compromises 600 FortiGate Instances
What stands out about this recent campaign is how the threat actor appeared otherwise technically unsophisticated but leveraged GenAI services "throughout every phase of their operations," CJ Moses, chief information security officer (CISO) of Amazon Integrated Security, wrote.
"The threat actor in this campaign is not known to be associated with any advanced persistent threat (APT) group with state-sponsored resources," Moses explained. "They are likely a financially motivated individual or small group who, through AI augmentation, achieved an operational scale that would have previously required a significantly larger and more skilled team."
Despite this lack of sophistication, the attacker managed to compromise multiple organizations' Active Directory environments, extract credentials, and compromise backup infrastructure. When the attacker met resistance, Moses said, "they simply moved on to softer targets rather than persisting, underscoring that their advantage lies in AI-augmented efficiency and scale, not in deeper technical skill."
Amazon did not provide a list of the commercial GenAI services the attacker used. However, some use cases were listed: the actor conducted network reconnaissance through custom-built tooling, created custom step-by-step exploitation instructions with a prioritized task tree, and coded multiple additional tools for various pre- and post-exploitation purposes.
The primary initial access vector was exploiting commonly reused credentials on FortiGate management interfaces exposed to the Internet, found by scanning across ports 443, 8443, 10443, and 4443. The goal was to gain access to configuration files, which would contain everything from admin credentials to firewall policies and network topology.
"The threat actor developed AI-assisted Python scripts to parse, decrypt, and organize these stolen configurations," Moses wrote.
Once inside victim networks, the attacker specifically targeted Veeam Backup & Replication servers, which "represent high-value targets because they typically store elevated credentials for backup operations, and compromising backup infrastructure positions an attacker to destroy recovery capabilities before deploying ransomware." Other post-exploitation activities for domain compromise and lateral movement involved using established open source offensive tools.
The Defender Component for GenAI-Powered Campaigns
It is noteworthy that the threat actor conducted such a far-reaching campaign using GenAI tools. While this speaks to the power of LLMs in threat operations, it also serves as a cautionary tale for enterprise defenders, given how the affected organizations were breached.
"This campaign succeeded through a combination of exposed management interfaces, weak credentials, and single-factor authentication — all fundamental security gaps that AI helped an unsophisticated actor exploit at scale," Moses said. "This underscores that strong security fundamentals are powerful defenses against AI-augmented threats."
For organizations using FortiGate, AWS recommends ensuring management interfaces are not connected to the Internet, and if they are, to restrict access to known IP address ranges. Orgs should also change all default and common credentials across appliances, rotate all SSL-VPN user credentials, audit VPN connection logs for connections from unexpected geographic locations, and implement multifactor authentication (MFA) for all admin and VPN access.
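A defender-side check for the VPN log audit recommended above, written as an added example that is not part of the article or of AWS's guidance: it parses FortiGate-style key=value VPN event lines (the field names `action`, `user`, `remip` and `srccountry` and the sample lines are assumptions constructed for the example), flags tunnels established from countries outside an allow-list, and flags source IPs that failed repeatedly across accounts and then succeeded, which is the credential-reuse pattern the campaign relied on.

```python
import re
from collections import defaultdict

# Constructed sample lines in FortiGate-style key=value syslog format. The field
# names (action, user, remip, srccountry) follow the common FortiGate event/vpn
# layout and are an assumption; none of these lines come from the article.
SAMPLE_LOGS = """\
date=2026-02-03 time=08:12:01 type="event" subtype="vpn" action="ssl-login-fail" user="admin" remip=203.0.113.10 srccountry="Netherlands"
date=2026-02-03 time=08:12:02 type="event" subtype="vpn" action="ssl-login-fail" user="admin" remip=203.0.113.10 srccountry="Netherlands"
date=2026-02-03 time=08:12:03 type="event" subtype="vpn" action="ssl-login-fail" user="backup" remip=203.0.113.10 srccountry="Netherlands"
date=2026-02-03 time=08:12:09 type="event" subtype="vpn" action="tunnel-up" user="jsmith" remip=203.0.113.10 srccountry="Netherlands"
date=2026-02-03 time=09:40:17 type="event" subtype="vpn" action="tunnel-up" user="mlopez" remip=198.51.100.7 srccountry="United States"
"""

# key=value pairs; values are either double-quoted (may contain spaces) or bare.
KV_RE = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')


def parse_line(line):
    """Turn one key=value log line into a dict."""
    return {m.group(1): m.group(2) if m.group(2) is not None else m.group(3)
            for m in KV_RE.finditer(line)}


def audit_vpn_logs(text, allowed_countries, fail_threshold=3):
    """Return findings over FortiGate-style VPN event lines, in event order:
    ("geo", user, ip, country): tunnel from a country outside the allow-list
    ("spray", ip, n_fails, users): an IP with >= fail_threshold failed logins
    ("success-after-spray", user, ip): tunnel from an IP already flagged as spraying"""
    findings = []
    fails = defaultdict(list)  # remip -> usernames that failed from it, in order
    flagged = set()
    for raw in text.splitlines():
        ev = parse_line(raw)
        if ev.get("subtype") != "vpn":
            continue
        ip, user, action = ev.get("remip"), ev.get("user"), ev.get("action")
        if action == "ssl-login-fail":
            fails[ip].append(user)
            if len(fails[ip]) >= fail_threshold and ip not in flagged:
                flagged.add(ip)
                findings.append(("spray", ip, len(fails[ip]), sorted(set(fails[ip]))))
        elif action == "tunnel-up":
            if ev.get("srccountry") not in allowed_countries:
                findings.append(("geo", user, ip, ev.get("srccountry")))
            if ip in flagged:
                findings.append(("success-after-spray", user, ip))
    return findings
```

Run it as `audit_vpn_logs(SAMPLE_LOGS, {"United States"})` on real exported logs after adjusting the allow-list; the "success-after-spray" finding is the one that most directly matches a reused-credential login following a spray.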
Organizations that may have been affected should monitor for unexpected DCSync operations, new scheduled tasks named to mimic legitimate Windows services, unauthorized access to backup credential stores, and new accounts with names designed to blend in with legitimate ones. AWS also provided a complete list of recommendations and indicators of compromise (IoCs).
Fortinet did not immediately return a request for comment.
Xcape's Damon Small tells Dark Reading that the threat actor's end-to-end use of GenAI is somewhat novel but an approach that will almost certainly become more common with time.
"The economy of scale afforded by AI bots makes it almost trivial to 'spray and pray' across a large population of potentially misconfigured devices," he says.
About the Author
Alexander Culafi
Senior News Writer, Dark Reading
Alex is an award-winning writer, journalist, and podcast host based in Boston. After cutting his teeth writing for independent gaming publications as a teenager, he graduated from Emerson College in 2016 with a Bachelor of Science in journalism. He has previously been published on VentureFizz, Search Security, Nintendo World Report, and elsewhere.
At Dark Reading, he covers a variety of cybersecurity topics, including the cybercrime ecosystem, open source security, and the intersection between AI and threat actors. In his spare time, Alex hosts the weekly Nintendo podcast, "Talk Nintendo Podcast," and works on personal writing projects, including two previously self-published science fiction novels.
He has received numerous awards, including TechTarget's Writer of the Year in 2022 as well as more than 10 Azbee awards for his reporting between 2022 and today.