logo

Massive password-stealing attack hits 75k Fortinet firewalls

ID: 62d3d4fa-38d6-5e2a-bbaf-b49ee489883e

STIX ID: report--62d3d4fa-38d6-5e2a-bbaf-b49ee489883e

Feed Name: The Register (Security)

Threat Score
88/100

Date Published: 2026-06-17

Date Updated: 2026-06-18

...
...

Massive credential-theft campaign targeting Fortinet FortiGate devices exposed working VPN and admin passwords across ~75,000 devices and 21,632 unique domains worldwide; researchers verified the data, attributed it to a Russian-speaking group that intercepted SSL VPN authentication, used a 45-GPU cluster to crack hashes, processed billions of attempts, and fully compromised several organizations (including a Turkish NATO contractor), while Fortinet characterized much of the data as reshared or brute-forced older credentials.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.