Amazon: AI-assisted hacker breached 600 Fortinet firewalls in 5 weeks
Source: Bleeping Computer

Amazon has warned that a Russian‑speaking threat actor used multiple generative‑AI services in a campaign that compromised more than 600 FortiGate firewalls across 55 countries in just five weeks.
Timeline & Scope
- Campaign period: 11 January – 18 February 2026
- Geographic reach: South Asia, Latin America, the Caribbean, West Africa, Northern Europe, Southeast Asia, and other regions.
Attack Methodology
- Target selection – The actor scanned for exposed FortiGate management interfaces.
- Credential abuse – Weak passwords without multi‑factor authentication (MFA) were exploited.
- AI‑assisted automation – Generative‑AI tools were used to script and accelerate lateral movement to other devices on the compromised networks.
- No zero‑day exploits – The breach relied solely on misconfigurations and credential weaknesses, not on any Fortinet vulnerabilities.
Quote from Amazon Integrated Security
“The compromised firewalls were observed across a wide range of regions, highlighting the global impact of simple credential‑based attacks amplified by AI automation.” – CJ Moses, CISO, Amazon Integrated Security
An AI‑Powered Hacking Campaign
Amazon discovered the campaign after finding a server that hosted malicious tools used to target Fortinet FortiGate firewalls.
Target Selection
- The threat actor scanned the Internet for FortiGate management interfaces exposed on ports 443, 8443, 10443, and 4443.
- Targeting was opportunistic rather than industry‑specific.
- Instead of exploiting zero‑days, the actor relied on brute‑force attacks using common passwords.
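One way a defender can spot the password-guessing pattern described above, as an added example that is not code from the article or from Amazon's report: a small detector run over constructed FortiGate-style key=value admin-login events. The field names (`logdesc`, `srcip`, `status`), the failure threshold and the time window are assumptions chosen for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events in a FortiGate-like key=value syslog shape.
# Field names and values are assumed for illustration, not taken from the article.
def fortigate_line(t, ip, st):
    desc = "failed" if st == "failed" else "successful"
    return (f'date=2026-01-12 time={t} type="event" subtype="system" '
            f'logdesc="Admin login {desc}" user="admin" srcip={ip} '
            f'ui="https({ip})" status="{st}"')

SAMPLE_LOGS = "\n".join(fortigate_line(t, ip, st) for t, ip, st in [
    ("10:00:01", "203.0.113.5", "failed"), ("10:00:02", "203.0.113.5", "failed"),
    ("10:00:03", "198.51.100.7", "failed"),   # single typo from an admin, benign
    ("10:00:03", "203.0.113.5", "failed"), ("10:00:04", "203.0.113.5", "failed"),
    ("10:00:05", "203.0.113.5", "failed"), ("10:00:06", "203.0.113.5", "failed"),
    ("10:00:10", "203.0.113.5", "success"),   # guess succeeded: weak password, no MFA
    ("10:00:30", "198.51.100.7", "success"),
])

KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse_event(line):
    """Split one key=value log line into (timestamp, dict of fields)."""
    fields = {k: v.strip('"') for k, v in KV_RE.findall(line)}
    ts = datetime.strptime(fields["date"] + " " + fields["time"], "%Y-%m-%d %H:%M:%S")
    return ts, fields

def detect_bruteforce(log_text, threshold=5, window=timedelta(minutes=5)):
    """Return {srcip: verdict}. 'bruteforce' = at least `threshold` failed admin
    logins from one source inside `window`; 'bruteforce-then-success' = a later
    successful login from that same source, the credential-abuse case."""
    events = sorted((parse_event(l) for l in log_text.splitlines() if l.strip()),
                    key=lambda e: e[0])
    failures = defaultdict(list)   # srcip -> timestamps of recent failures
    verdicts = {}
    for ts, f in events:
        if not f.get("logdesc", "").startswith("Admin login"):
            continue
        src = f.get("srcip")
        if f.get("status") == "failed":
            # keep only failures that fall inside the sliding window
            failures[src] = [t for t in failures[src] + [ts] if ts - t <= window]
            if len(failures[src]) >= threshold:
                verdicts.setdefault(src, "bruteforce")
        elif f.get("status") == "success" and verdicts.get(src) == "bruteforce":
            verdicts[src] = "bruteforce-then-success"
    return verdicts
```

The same rule applies unchanged to SSL-VPN login events once the `logdesc` filter is widened, which covers the VPN credentials the article says were later harvested.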
Post‑Compromise Activities
Once a device was compromised, the attacker extracted its configuration, which contained:
- SSL‑VPN user credentials (recoverable passwords)
- Administrative credentials
- Firewall policies and internal network architecture
- IPsec VPN configurations
- Network topology and routing information
These configuration files were parsed and decrypted with AI‑assisted Python and Go tools.
“Following VPN access to victim networks, the threat actor deploys a custom reconnaissance tool, with different versions written in both Go and Python,” explained Amazon.
“Analysis of the source code reveals clear indicators of AI‑assisted development: redundant comments that merely restate function names, simplistic architecture with disproportionate investment in formatting over functionality, naive JSON parsing via string matching rather than proper deserialization, and compatibility shims for language built‑ins with empty documentation stubs.”
“While functional for the threat actor’s specific use case, the tooling lacks robustness and fails under edge cases—characteristics typical of AI‑generated code used without significant refinement.”
Automated Reconnaissance
The tools automated several tasks:
- Analyzing routing tables and classifying networks by size
- Running port scans with the open‑source gogo scanner
- Identifying SMB hosts and domain controllers
- Using Nuclei to probe for HTTP services
Researchers noted that the tools often failed in hardened environments.
Additional Attack Vectors
- Operational notes (written in Russian) described using Meterpreter and Mimikatz for DCSync attacks against Windows domain controllers and extracting NTLM hashes from Active Directory.
- The campaign also targeted Veeam Backup & Replication servers with custom PowerShell scripts, compiled credential‑extraction tools, and attempts to exploit Veeam vulnerabilities.
One compromised server (212.11.64.250) hosted a PowerShell script named DecryptVeeamPasswords.ps1, used to harvest Veeam backup credentials.
“Threat actors often target backup infrastructure before deploying ransomware to prevent restoration of encrypted files from backups,” Amazon explains.
Exploited Vulnerabilities
- CVE‑2019‑7192 – QNAP RCE
- CVE‑2023‑27532 – Veeam information disclosure
- CVE‑2024‑40711 – Veeam RCE
The attacker repeatedly failed against patched or locked‑down systems and moved on to easier targets.
Role of AI
Amazon assesses the threat actor’s skill set as low‑to‑medium, but it was greatly amplified by AI. The actor used at least two large‑language‑model providers to:
- Generate step‑by‑step attack methodologies
- Develop custom scripts in multiple languages
- Create reconnaissance frameworks
- Plan lateral‑movement strategies
- Draft operational documentation
In one case, the actor submitted a full internal victim network topology (IP addresses, hostnames, credentials, services) to an AI service and asked for assistance in further spreading within the network.
“The campaign demonstrates how commercial AI services lower the barrier to entry for threat actors, enabling attacks that would normally be beyond their skill set,” Amazon says.
Recommendations
- Do not expose FortiGate management interfaces to the Internet.
- Enable MFA for all privileged accounts.
- Ensure VPN passwords differ from Active Directory credentials.
- Harden backup infrastructure (restrict access, keep software patched).
Related Findings
Google recently reported that threat actors are abusing Gemini AI across all stages of cyberattacks, mirroring Amazon’s observations in this campaign.
