AI-Assisted Threat Actor Compromises 600+ FortiGate Devices in 55 Countries
Source: The Hacker News

A Russian‑speaking, financially motivated threat actor has been observed taking advantage of commercial generative artificial intelligence (AI) services to compromise over 600 FortiGate devices located in 55 countries.
Amazon Threat Intelligence reported the activity between January 11 and February 18, 2026.
“No exploitation of FortiGate vulnerabilities was observed—instead, this campaign succeeded by exploiting exposed management ports and weak credentials with single‑factor authentication, fundamental security gaps that AI helped an unsophisticated actor exploit at scale,”
— C.J. Moses, Chief Information Security Officer (CISO) of Amazon Integrated Security
The actor’s limited technical capabilities were compensated for by multiple commercial generative AI tools used for:
- Tool development
- Attack planning
- Command generation
One AI tool served as the primary backbone, while a second AI tool acted as a fallback for network pivoting. The tool names were not disclosed.
The actor is driven by financial gain and is not associated with any advanced persistent threat (APT) with state‑sponsored resources. As recently highlighted by Google, generative AI tools are increasingly adopted by threat actors to scale and accelerate their operations, even without novel uses of the technology.
“If anything, the emergence of AI tools illustrates how capabilities that were once off‑limits to novice or technically challenged threat actors are becoming increasingly feasible, further lowering the barrier to entry for cybercrime and enabling them to come up with attack methodologies.” — Moses

“They are likely a financially motivated individual or small group who, through AI augmentation, achieved an operational scale that would have previously required a significantly larger and more skilled team,” — Moses
Amazon’s investigation revealed that the actor:
- Compromised multiple organizations’ Active Directory environments
- Extracted complete credential databases
- Targeted backup infrastructure, likely in preparation for ransomware deployment
Rather than persisting in hardened environments, the actor dropped such targets and moved to softer victims, using AI to bridge their skill gap.
Publicly accessible infrastructure managed by the attackers hosted artifacts such as:
- AI‑generated attack plans
- Victim configurations
- Source code for custom tooling
The campaign resembles an “AI‑powered assembly line for cybercrime.”
How the Attacks Worked
- Scanning – Systematic scanning of FortiGate management interfaces exposed to the internet on ports 443, 8443, 10443, and 4443.
- Authentication attempts – Logging in with commonly reused credentials against accounts protected only by single‑factor authentication.
- Data extraction – After breach, full device configurations were harvested, revealing credentials, network topology, and device‑specific information.
The scans were sector‑agnostic, indicating automated mass scanning rather than targeted selection. Activity originated from IP address 212.11.64[.]250 (see the VirusTotal report).
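The three steps above (login attempts against an exposed management port, an eventual success, then a full configuration export) leave a recognisable trail in FortiGate event logs. The following is an added example, not code from Amazon's report or from The Hacker News: a small detector that parses FortiGate‑style key=value event lines and flags the pattern, plus a check for management logins arriving from outside an assumed trusted network. The sample log lines, IP addresses and the trusted‑network allowlist are constructed for illustration and are not from any real device.

```python
"""
Added example (not from Amazon's report): detect the admin-interface
credential-abuse pattern described above in FortiGate-style event logs.
All sample data below is constructed; the trusted networks are assumed.
"""
import ipaddress
import re
from collections import defaultdict
from dataclasses import dataclass, field

# Management ports named in the report.
MGMT_PORTS = {443, 8443, 10443, 4443}

# key=value or key="quoted value" tokens, as in FortiGate syslog output.
KV_RE = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')


def parse_kv(line):
    """Return one log line as a dict of field -> string value."""
    return {m.group(1): m.group(2) if m.group(2) is not None else m.group(3)
            for m in KV_RE.finditer(line)}


@dataclass
class SourceState:
    failures: int = 0            # failed admin logins seen from this source
    users: set = field(default_factory=set)
    brute_forced: bool = False   # a success after >= threshold failures
    config_exported: bool = False


def find_credential_abuse(lines, fail_threshold=3):
    """Flag source IPs that fail admin login repeatedly and then succeed.

    A successful configuration backup by a flagged source is recorded too,
    since the report describes full config harvesting right after login.
    """
    state = defaultdict(SourceState)
    for line in lines:
        ev = parse_kv(line)
        src = ev.get("srcip")
        if src is None:
            continue
        s = state[src]
        if ev.get("action") == "login":
            s.users.add(ev.get("user", ""))
            if ev.get("status") == "failed":
                s.failures += 1
            elif ev.get("status") == "success" and s.failures >= fail_threshold:
                s.brute_forced = True
        elif ev.get("action") == "backup" and ev.get("status") == "success":
            if s.brute_forced:
                s.config_exported = True
    return {ip: s for ip, s in state.items() if s.brute_forced}


def untrusted_mgmt_logins(lines, trusted_nets=("10.0.0.0/8", "192.168.0.0/16")):
    """Return (srcip, port) pairs where any admin login attempt, successful
    or not, reached a management port from outside the trusted networks.

    One hit is enough to prove the management interface is reachable from
    the internet. trusted_nets is an assumed allowlist; substitute your own.
    """
    nets = [ipaddress.ip_network(n) for n in trusted_nets]
    hits = set()
    for line in lines:
        ev = parse_kv(line)
        if ev.get("action") != "login" or "srcip" not in ev:
            continue
        port = int(ev.get("dstport", 0))
        src = ipaddress.ip_address(ev["srcip"])
        if port in MGMT_PORTS and not any(src in n for n in nets):
            hits.add((ev["srcip"], port))
    return sorted(hits)


# Constructed sample lines in simplified FortiGate event-log style.
SAMPLE_LOGS = """\
date=2026-01-12 time=03:14:01 type="event" subtype="system" level="alert" logdesc="Admin login failed" user="admin" srcip=203.0.113.7 dstport=10443 method="https" action="login" status="failed" reason="passwd_invalid"
date=2026-01-12 time=03:14:03 type="event" subtype="system" level="alert" logdesc="Admin login failed" user="admin" srcip=203.0.113.7 dstport=10443 method="https" action="login" status="failed" reason="passwd_invalid"
date=2026-01-12 time=03:14:05 type="event" subtype="system" level="alert" logdesc="Admin login failed" user="fortinet" srcip=203.0.113.7 dstport=10443 method="https" action="login" status="failed" reason="name_invalid"
date=2026-01-12 time=03:14:09 type="event" subtype="system" level="information" logdesc="Admin login successful" user="admin" srcip=203.0.113.7 dstport=10443 method="https" action="login" status="success"
date=2026-01-12 time=03:14:40 type="event" subtype="system" level="information" logdesc="Configuration backup" user="admin" srcip=203.0.113.7 action="backup" status="success"
date=2026-01-12 time=09:00:00 type="event" subtype="system" level="information" logdesc="Admin login successful" user="netops" srcip=10.20.0.5 dstport=443 method="https" action="login" status="success"
date=2026-01-12 time=11:30:12 type="event" subtype="system" level="alert" logdesc="Admin login failed" user="admin" srcip=198.51.100.9 dstport=8443 method="https" action="login" status="failed" reason="passwd_invalid"
""".splitlines()

if __name__ == "__main__":
    for ip, s in find_credential_abuse(SAMPLE_LOGS).items():
        print(f"{ip}: {s.failures} failures then success as {sorted(s.users)}, "
              f"config exported={s.config_exported}")
    print("management logins from untrusted sources:",
          untrusted_mgmt_logins(SAMPLE_LOGS))
```

The threshold is deliberately low: a handful of failures followed by a success on an administrative account is rare in normal operations, and the backup event immediately afterwards is what turns a noisy brute‑force alert into a confirmed configuration theft. The exposure check is the more important of the two in practice, because a single login attempt from an untrusted address on a management port shows the interface should not have been reachable at all.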
Extracted data enabled deeper network penetration and post‑exploitation activities, including:
- Reconnaissance with Nuclei
- Active Directory compromise
- Credential harvesting
- Attempts to access backup infrastructure (typical of ransomware operations)
Compromised clusters were detected across:
- South Asia
- Latin America & the Caribbean
- West Africa
- Northern Europe
- Southeast Asia
“Following VPN access to victim networks, the threat actor deploys a custom reconnaissance tool, with different versions written in both Go and Python,” the company said.
“Analysis of the source code reveals clear indicators of AI‑assisted development: redundant comments that merely restate function names, simplistic architecture with disproportionate investment in formatting over functionality, naive JSON parsing via string matching rather than proper deserialization…”
(The report truncates here.)
Threat Actor Activity Overview
Further steps taken after reconnaissance include:
- Domain compromise via DCSync attacks
- Lateral movement using pass‑the‑hash / pass‑the‑ticket, NTLM relay, and remote command execution on Windows hosts
- Targeting Veeam Backup & Replication servers to deploy credential‑harvesting tools and exploit known Veeam vulnerabilities, e.g.:

The actor repeatedly failed when attempting attacks beyond the “most straightforward, automated attack paths,” often because targets had:
- Patched the services
- Closed the required ports
- Exposed no vulnerable services for the automated tooling to exploit
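The DCSync step listed under "Threat Actor Activity Overview" is one of the post‑exploitation indicators worth detecting, since it produces a distinctive audit record on the domain controller. The block below is an added example, not code from Amazon's report: it inspects Windows Security event 4662 records and raises an alert whenever a principal other than a domain controller machine account (or a known sync account) exercises the directory replication extended rights. The event dicts are constructed to mirror the 4662 fields and are not real logs; the allowed sync account name is hypothetical.

```python
"""
Added example (not from Amazon's report): detect DCSync from Windows
Security event 4662. A DCSync request asks a DC to replicate directory
data, which shows up as the replication extended-right GUIDs in the
event's Properties field. The sample events are constructed.
"""
import re

# Well-known GUIDs of the directory replication extended rights.
DS_REPLICATION_GET_CHANGES = "1131f6aa-9c07-11d1-f79f-00c04fc2dcd2"
DS_REPLICATION_GET_CHANGES_ALL = "1131f6ad-9c07-11d1-f79f-00c04fc2dcd2"
DS_REPLICATION_GET_CHANGES_FILTERED = "89e95b76-444d-4c62-991a-0facbeda640c"
REPLICATION_RIGHTS = {
    DS_REPLICATION_GET_CHANGES: "DS-Replication-Get-Changes",
    DS_REPLICATION_GET_CHANGES_ALL: "DS-Replication-Get-Changes-All",
    DS_REPLICATION_GET_CHANGES_FILTERED: "DS-Replication-Get-Changes-In-Filtered-Set",
}

# Hypothetical allowlist: accounts that replicate legitimately besides DCs
# (for example an Entra Connect sync account). Replace with your own.
ALLOWED_REPLICATORS = {"MSOL_a1b2c3d4e5f6"}

GUID_RE = re.compile(r"\{([0-9a-fA-F-]{36})\}")


def replication_rights(properties):
    """Names of replication rights referenced in a 4662 Properties field."""
    guids = {g.lower() for g in GUID_RE.findall(properties)}
    return {name for guid, name in REPLICATION_RIGHTS.items() if guid in guids}


def is_expected_replicator(user, allowed=ALLOWED_REPLICATORS):
    """Domain controllers (machine accounts, name ends in '$') and the
    allowlisted sync accounts are the only principals expected to replicate."""
    return user.endswith("$") or user in allowed


def find_dcsync(events, allowed=ALLOWED_REPLICATORS):
    """Return one alert per 4662 event in which an unexpected principal
    exercised a replication right against the directory."""
    alerts = []
    for ev in events:
        if ev.get("EventID") != 4662:
            continue
        rights = replication_rights(ev.get("Properties", ""))
        if not rights:
            continue
        user = ev.get("SubjectUserName", "")
        if is_expected_replicator(user, allowed):
            continue
        alerts.append({
            "time": ev.get("TimeCreated"),
            "user": f"{ev.get('SubjectDomainName', '')}\\{user}",
            "rights": sorted(rights),
        })
    return alerts


# Constructed events mirroring the 4662 fields (%%7688 = Control Access).
SAMPLE_4662_EVENTS = [
    {"EventID": 4662, "TimeCreated": "2026-01-20T02:11:05Z",
     "SubjectUserName": "DC02$", "SubjectDomainName": "CORP", "AccessMask": "0x100",
     "Properties": "%%7688\n\t{1131f6ad-9c07-11d1-f79f-00c04fc2dcd2}"},
    {"EventID": 4662, "TimeCreated": "2026-01-20T02:13:41Z",
     "SubjectUserName": "jsmith", "SubjectDomainName": "CORP", "AccessMask": "0x100",
     "Properties": "%%7688\n\t{1131f6aa-9c07-11d1-f79f-00c04fc2dcd2}"
                   "\n\t{1131f6ad-9c07-11d1-f79f-00c04fc2dcd2}"},
    {"EventID": 4662, "TimeCreated": "2026-01-20T02:30:00Z",
     "SubjectUserName": "MSOL_a1b2c3d4e5f6", "SubjectDomainName": "CORP",
     "AccessMask": "0x100",
     "Properties": "%%7688\n\t{1131f6ad-9c07-11d1-f79f-00c04fc2dcd2}"},
    {"EventID": 4662, "TimeCreated": "2026-01-20T02:31:17Z",
     "SubjectUserName": "svc_backup", "SubjectDomainName": "CORP", "AccessMask": "0x100",
     # Control access on a different right (no replication GUIDs): benign here.
     "Properties": "%%7688\n\t{ab721a53-1e2f-11d0-9819-00aa0040529b}"},
    {"EventID": 4662, "TimeCreated": "2026-01-20T02:45:52Z",
     "SubjectUserName": "jsmith", "SubjectDomainName": "CORP", "AccessMask": "0x100",
     "Properties": "%%7688\n\t{1131F6AA-9C07-11D1-F79F-00C04FC2DCD2}"},
    {"EventID": 4624, "TimeCreated": "2026-01-20T02:46:00Z",
     "SubjectUserName": "jsmith", "SubjectDomainName": "CORP"},
]

if __name__ == "__main__":
    for alert in find_dcsync(SAMPLE_4662_EVENTS):
        print(f"{alert['time']} DCSync by {alert['user']}: {', '.join(alert['rights'])}")
```

Event 4662 is only written when the Audit Directory Service Access subcategory is enabled on the domain controllers, and it is high‑volume, so the filter above belongs at the collector rather than in a scheduled search. The GUID match is case‑insensitive because the Properties field is not guaranteed to use one case consistently; a detection that only matched lowercase would miss the last sample event.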
Recommendations for Fortinet and General Security
With Fortinet appliances an increasingly attractive target, organizations should:
- Restrict management interfaces – ensure they are not exposed to the internet.
- Change default and common credentials on all devices.
- Rotate SSL‑VPN user credentials regularly.
- Implement multi‑factor authentication for administrative and VPN access.
- Audit for unauthorized administrative accounts or connections.
Additional best practices:
- Isolate backup servers from general network access.
- Keep all software up‑to‑date with the latest patches.
- Monitor for unintended network exposure and anomalous activity.
“As we expect this trend to continue in 2026, organizations should anticipate that AI‑augmented threat activity will grow in volume from both skilled and unskilled adversaries,” says Moses. “Strong defensive fundamentals remain the most effective countermeasure: patch management for perimeter devices, credential hygiene, network segmentation, and robust detection for post‑exploitation indicators.”