Ethical Hacking News
A sophisticated threat actor has compromised over 600 FortiGate devices across 55 countries by exploiting exposed management ports and weak credentials. Using commercial generative AI tools, the attackers have demonstrated a low-barrier-to-entry approach to cybercrime, leaving organizations vulnerable to devastating attacks.
The Amazon Threat Intelligence team has identified a sophisticated threat actor using commercial generative AI services to compromise over 600 FortiGate devices across 55 countries. The attackers, with limited technical capabilities, relied on multiple commercial AI tools for various phases of their attack cycle, including tool development and command generation. The threat actor's goal is financial gain, with no association with APTs or state-sponsored resources. The use of generative AI tools by these attackers illustrates how capabilities once off-limits to novice threat actors are becoming increasingly feasible. The attack method involves scanning FortiGate management interfaces exposed to the internet and attempting to authenticate using commonly reused credentials. The stolen data is used for post-exploitation activities, including reconnaissance, vulnerability scanning, and access to backup infrastructure. The threat actor's operations highlight the need for organizations to prioritize security fundamentals, such as management interface exposure control and credential hygiene.
Amazon Threat Intelligence has uncovered a sophisticated threat actor that leverages commercial generative artificial intelligence (AI) services to compromise over 600 FortiGate devices located in 55 countries. This AI-assisted threat actor has been observed taking advantage of commercially available AI tools to breach the management interfaces of these devices, exploiting exposed ports and weak credentials with single-factor authentication.
The attackers, described as having limited technical capabilities, overcame this constraint by relying on multiple commercial generative AI tools to implement various phases of their attack cycle, including tool development, attack planning, and command generation. One AI tool served as the primary backbone of the operation, while a second tool was used as a fallback to assist with pivoting within specific compromised networks.
The threat actor's ultimate goal appears to be financial gain, with no association with any advanced persistent threat (APT) or state-sponsored resources. The use of generative AI tools by these attackers is notable because it illustrates how capabilities that were once off-limits to novice or technically limited threat actors are becoming increasingly feasible, lowering the barrier to entry for cybercrime and helping such actors devise attack methodologies they could not otherwise produce.
Amazon's investigation into the threat actor's activity has revealed multiple compromised organizations' Active Directory environments, complete credential databases extracted, and even targeted backup infrastructure. It is likely that these actions were part of a lead-up to ransomware deployment.
Notably, rather than devising ways to persist within hardened environments or those with sophisticated security controls, the threat actor dropped such targets altogether and moved on to relatively softer victims. This suggests the actor used AI to bridge a skill gap only as far as needed to reach the easiest targets.
Amazon identified publicly accessible infrastructure managed by the attackers that hosted various artifacts pertinent to the campaign, including AI-generated attack plans, victim configurations, and source code for custom tooling. The entire modus operandi is akin to an "AI-powered assembly line for cybercrime."
The attacks began with systematic scanning of FortiGate management interfaces exposed to the internet across ports 443, 8443, 10443, and 4443, followed by attempts to authenticate using commonly reused credentials. The activity was sector-agnostic, indicating automated mass scanning for vulnerable appliances that originated from a single IP address: 212.11.64[.]250.
The stolen credentials were then used to burrow deeper into targeted networks and conduct post-exploitation activities, including reconnaissance, vulnerability scanning using Nuclei, Active Directory compromise, credential harvesting, and efforts to access backup infrastructure, activity that aligns with typical ransomware operations.
Data gathered by Amazon shows that the scanning activity resulted in organizational-level compromise, causing multiple FortiGate devices belonging to the same entity to be accessed. The compromised clusters have been detected across South Asia, Latin America, the Caribbean, West Africa, Northern Europe, and Southeast Asia.
Following VPN access to victim networks, the threat actor deploys a custom reconnaissance tool, with different versions written in both Go and Python. Analysis of the source code reveals clear indicators of AI-assisted development: redundant comments that merely restate function names, simplistic architecture with disproportionate investment in formatting over functionality, naive JSON parsing via string matching rather than proper deserialization, and compatibility shims for language built-ins with empty documentation stubs.
Some other steps undertaken by the threat actor include achieving domain compromise via DCSync attacks, moving laterally across networks via pass-the-hash/pass-the-ticket attacks, NTLM relay attacks, and remote command execution on Windows hosts. They also targeted Veeam Backup & Replication servers to deploy credential harvesting tools and programs aimed at exploiting known Veeam vulnerabilities.
Another noteworthy finding is that the threat actor repeatedly ran into failures when trying to exploit anything beyond the "most straightforward, automated attack paths," with their own documentation recording that the targets had either patched the services, closed the required ports, or had no vulnerable exploitation vectors.
The emergence of AI tools used by threat actors like this one highlights the need for organizations to prioritize security fundamentals, such as ensuring management interfaces are not exposed to the internet, changing default and common credentials, rotating SSL-VPN user credentials, implementing multi-factor authentication for administrative and VPN access, and auditing for unauthorized administrative accounts or connections.
Additionally, it's essential to isolate backup servers from general network access, ensure all software programs are up-to-date, and monitor for unintended network exposure. As Amazon CISO CJ Moses said, "Strong defensive fundamentals remain the most effective countermeasure: patch management for perimeter devices, credential hygiene, network segmentation, and robust detection for post-exploitation indicators."
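One detection a defender would want in place given the scanning and credential reuse described above, added here as an example that is not part of Amazon's report or of Fortinet's own tooling: it parses FortiGate-style admin login events and flags password spraying from a single source, successful administrative logins arriving from outside the network on management ports, and a success that follows failures from the same address. The log lines are constructed, and the logid values and field names are assumed rather than taken from the report.

```python
import re
from collections import defaultdict

# Constructed FortiGate-style admin event log lines (key=value format), not from the report.
# logid values and field names are assumed for this example.
SAMPLE_LOGS = [
    'date=2026-02-21 time=03:10:01 logid="0100032002" type="event" subtype="system" user="admin" srcip=203.0.113.9 dstport=8443 action="login" status="failed" reason="passwd_invalid"',
    'date=2026-02-21 time=03:10:03 logid="0100032002" type="event" subtype="system" user="fortinet" srcip=203.0.113.9 dstport=8443 action="login" status="failed" reason="passwd_invalid"',
    'date=2026-02-21 time=03:10:05 logid="0100032002" type="event" subtype="system" user="support" srcip=203.0.113.9 dstport=10443 action="login" status="failed" reason="passwd_invalid"',
    'date=2026-02-21 time=03:10:09 logid="0100032001" type="event" subtype="system" user="admin" srcip=203.0.113.9 dstport=10443 action="login" status="success"',
    'date=2026-02-21 time=08:00:00 logid="0100032001" type="event" subtype="system" user="netops" srcip=10.0.5.20 dstport=443 action="login" status="success"',
]

# key=value pairs; values may be double-quoted strings or bare tokens
KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse_line(line):
    """Return the event as a dict with surrounding quotes removed from values."""
    return {k: v.strip('"') for k, v in KV_RE.findall(line)}

def analyze(lines, spray_threshold=3, internal_prefixes=("10.",)):
    """Walk admin login events in order and return a list of human-readable findings."""
    failed_users = defaultdict(set)  # srcip -> usernames that failed to log in from it
    findings = []
    for line in lines:
        ev = parse_line(line)
        if ev.get("action") != "login":
            continue
        src = ev.get("srcip", "")
        user, status = ev.get("user"), ev.get("status")
        external = not src.startswith(internal_prefixes)  # assumed internal address space
        if status == "failed":
            failed_users[src].add(user)
            # fire once, when the same source has tried a third distinct account
            if len(failed_users[src]) == spray_threshold:
                findings.append(f"spray: {src} failed admin login as {spray_threshold} accounts")
        elif status == "success":
            if external:
                findings.append(f"exposure: admin login from external {src} on port {ev.get('dstport')}")
            if failed_users[src]:
                findings.append(f"takeover: {src} succeeded as {user} after failing as {sorted(failed_users[src])}")
    return findings

if __name__ == "__main__":
    for finding in analyze(SAMPLE_LOGS):
        print(finding)
```

In production the same logic would run over the device's syslog feed rather than an inline list, and the internal prefixes would be the organization's own address ranges.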
The use of AI in this threat actor's operations serves as a stark reminder that capabilities once considered off-limits to novice threat actors are becoming increasingly accessible. As Moses warned, "As we expect this trend to continue in 2026, organizations should anticipate that AI-augmented threat activity will continue to grow in volume from both skilled and unskilled adversaries."
Related Information:
https://www.ethicalhackingnews.com/articles/AI-Assisted-Threat-Actor-Exploits-FortiGate-Devices-Worldwide-Leaving-Trail-of-Compromised-Networks-ehn.shtml
Published: Sat Feb 21 09:39:21 2026 by llama3.2 3B Q4_K_M