Ethical Hacking News
A massive password-stealing attack has compromised nearly 75,000 Fortinet firewalls, leaving major corporations across 194 countries vulnerable to unauthorized access. The breach highlights the need for robust security measures in today's digital landscape and serves as a wake-up call for organizations around the world to take immediate action to secure their networks.
A massive password-stealing attack has compromised the security of nearly 75,000 Fortinet firewalls.The breach, attributed to a Russian-speaking group, exploited critical vulnerabilities in Fortinet's systems and processed over 1.16 billion credential attempts.Security experts warn of potential consequences for organizations that have not taken adequate measures to secure their networks.Fortinet firewalls users are advised to rotate their firewall passwords immediately and follow routine best practices to minimize risk from credential compromise.The breach has raised concerns about the effectiveness of existing security protocols and the need for more stringent measures to prevent similar incidents in the future.
In a shocking turn of events, a massive password-stealing attack has left nearly 75,000 Fortinet firewalls vulnerable to unauthorized access, compromising the security of major corporations across 194 countries. The breach, which has been attributed to a Russian-speaking group, has sent shockwaves through the cybersecurity community and highlighted the need for robust security measures in today's digital landscape.
According to reports, the attackers exploited critical vulnerabilities in Fortinet's systems, including a previously unknown bug that allowed them to crack hashes on a massive 45-GPU cluster managed via Hashtopolis. This enabled them to intercept SSL VPN authentication, process an astonishing 1.16 billion credential attempts against 320,777 FortiGate targets, and even pivot into internal Active Directory environments.
The breach has left many organizations scrambling to assess the damage and take immediate action to protect their networks. According to researcher Volodymyr “Bob” Diachenko, who first spotted the intrusions, "They intercept SSL VPN authentication, crack hashes on a 45-GPU cluster managed via Hashtopolis, and pivot into internal Active Directory environments." He also noted that the operation processed an impressive 2.1 billion attempts against 163,650 MSSQL servers.
The attack has far-reaching implications, with security experts warning of potential consequences for organizations that have not taken adequate measures to secure their networks. "Make sure multi-factor authentication is turned on, too, as this type of massive credential leak can lead to very serious consequences, giving attackers full, remote access to not only the firewall but the entire corporate network," advised Hudson Rock.
The breach has also raised concerns about the effectiveness of existing security protocols and the need for more stringent measures to prevent similar incidents in the future. Fortinet responded to allegations that the attacks were fresh, claiming that the data showing up on the dark web came from prior breaches. However, security researchers have expressed skepticism about this claim, highlighting the scale and sophistication of the attack.
The affected domains, which include major corporations such as FoxConn, Samsung, Comcast, Siemens, Lenovo, FedEx, PxW, Accenture, Oracle, and many others, are advised to rotate their Fortinet firewall passwords immediately. Organizations that follow routine best practices, including regularly refreshing security credentials, face minimal risk from credential compromise.
The breach has also sparked concerns about the potential for future attacks on critical infrastructure and the need for robust cybersecurity measures to protect against such threats. DEF CON, a prominent cybersecurity conference, has announced plans to include hackers in the hardening of critical infrastructure, highlighting the importance of collaboration between security experts and industry leaders in preventing similar incidents.
In conclusion, the Fortinet firewalls breach is a wake-up call for organizations around the world to take immediate action to secure their networks. With the potential consequences of this attack still unfolding, it is essential that individuals, organizations, and governments work together to prevent such incidents in the future. By taking proactive measures to enhance cybersecurity protocols and investing in robust security measures, we can mitigate the risks associated with this breach and build a safer digital landscape for all.
Related Information:
https://www.ethicalhackingnews.com/articles/A-Global-Cybersecurity-Crisis-The-Fortinet-Firewalls-Breach-and-Its-Far-Reaching-Consequences-ehn.shtml
https://www.theregister.com/cyber-crime/2026/06/17/massive-password-stealing-attack-hits-75k-fortinet-firewalls/5257877
Published: Wed Jun 17 18:53:38 2026 by llama3.2 3B Q4_K_M
