Amazon is warning that a Russian-speaking hacker used a number of generative AI services as part of a campaign that breached more than 600 FortiGate firewalls across 55 countries in five weeks.
A new report by CJ Moses, CISO of Amazon Integrated Security, says that the hacking campaign occurred between January 11 and February 18, 2026, and did not rely on any exploits to breach Fortinet firewalls.
Instead, the threat actor targeted exposed management interfaces and weak credentials that lacked MFA protection, then used AI to help automate access to other devices on the breached network.

Moses says the compromised firewalls were observed across South Asia, Latin America, the Caribbean, West Africa, Northern Europe, and Southeast Asia, among other regions.
An AI-powered hacking campaign
Amazon says it learned about the campaign after discovering a server hosting malicious tools used to target Fortinet FortiGate firewalls.
As part of the campaign, the threat actor targeted FortiGate management interfaces exposed to the internet by scanning for services running on ports 443, 8443, 10443, and 4443. The targeting was reportedly opportunistic rather than aimed at any specific industries.
Rather than exploiting zero-days, as is commonly seen in attacks on FortiGate devices, the actor used brute-force attacks with common passwords to gain access to devices.
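As an added example that is not part of the original article or Amazon's report, the following Python script shows the kind of detection a defender could run over firewall admin-login events to catch the password-guessing pattern described above. The log lines are constructed for the demo in a FortiGate-like key=value style; the field names, values and thresholds are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events (not from the article) in a FortiGate-like
# key=value style; field names and values are assumptions for this demo.
SAMPLE_LOGS = """\
date=2026-01-12 time=03:14:01 action="login" status="failed" user="admin" srcip=203.0.113.7 dstport=8443
date=2026-01-12 time=03:14:03 action="login" status="failed" user="admin" srcip=203.0.113.7 dstport=8443
date=2026-01-12 time=03:14:05 action="login" status="failed" user="fortinet" srcip=203.0.113.7 dstport=8443
date=2026-01-12 time=03:14:08 action="login" status="failed" user="admin" srcip=203.0.113.7 dstport=10443
date=2026-01-12 time=03:14:10 action="login" status="success" user="admin" srcip=203.0.113.7 dstport=10443
date=2026-01-12 time=09:30:00 action="login" status="failed" user="admin" srcip=10.1.1.5 dstport=443
date=2026-01-12 time=09:30:30 action="login" status="success" user="admin" srcip=10.1.1.5 dstport=443
"""

KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse_line(line):
    """Split one key=value event into a dict and add a datetime under 'ts'."""
    ev = {k: v.strip('"') for k, v in KV_RE.findall(line)}
    ev["ts"] = datetime.strptime(ev["date"] + " " + ev["time"], "%Y-%m-%d %H:%M:%S")
    return ev

def detect_bruteforce(log_text, threshold=4, window=timedelta(minutes=5)):
    """Alert on a source IP once it reaches `threshold` failed admin logins
    inside `window`, and mark whether a successful login followed the burst
    (guessing followed by a valid login is the pattern to escalate first)."""
    recent = defaultdict(deque)  # srcip -> timestamps of recent failures
    users = defaultdict(set)     # srcip -> usernames tried from that IP
    alerts = {}                  # srcip -> alert dict, one per offending IP
    for line in log_text.splitlines():
        ev = parse_line(line)
        if ev.get("action") != "login":
            continue
        ip, ts = ev["srcip"], ev["ts"]
        if ev["status"] == "failed":
            q = recent[ip]
            q.append(ts)
            users[ip].add(ev["user"])
            while ts - q[0] > window:  # drop failures older than the window
                q.popleft()
            if len(q) >= threshold and ip not in alerts:
                alerts[ip] = {"srcip": ip, "failures": len(q),
                              "users": sorted(users[ip]), "success_after": False}
        elif ev["status"] == "success" and ip in alerts:
            alerts[ip]["success_after"] = True
    return list(alerts.values())
```

In the sample data only 203.0.113.7 crosses the threshold, and its burst is followed by a successful login, which is the case to triage first; the single failure from 10.1.1.5 stays below it.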
Once breached, the threat actor extracted the device's configuration settings, which include:
- SSL-VPN user credentials with recoverable passwords
- Administrative credentials
- Firewall policies and internal network architecture
- IPsec VPN configurations
- Network topology and routing information
These configuration files were then parsed and decrypted using what appear to be AI-assisted Python and Go tools.
“Following VPN access to victim networks, the threat actor deploys a custom reconnaissance tool, with different versions written in both Go and Python,” explained Amazon.
“Analysis of the source code reveals clear indicators of AI-assisted development: redundant comments that merely restate function names, simplistic architecture with disproportionate investment in formatting over functionality, naive JSON parsing via string matching rather than proper deserialization, and compatibility shims for language built-ins with empty documentation stubs.”
“While functional for the threat actor’s specific use case, the tooling lacks robustness and fails under edge cases—characteristics typical of AI-generated code used without significant refinement.”
These tools were used to automate reconnaissance on the breached networks by analyzing routing tables, classifying networks by size, running port scans using the open-source gogo scanner, identifying SMB hosts and domain controllers, and using Nuclei to look for HTTP services.
The researchers say that while the tools were functional, they commonly failed in more hardened environments.
Operational documentation written in Russian detailed how to use Meterpreter and mimikatz to conduct DCSync attacks against Windows domain controllers and extract NTLM password hashes from the Active Directory database.
The campaign also specifically targeted Veeam Backup & Replication servers using custom PowerShell scripts and compiled credential-extraction tools, and attempted to exploit Veeam vulnerabilities.
On one of the servers found by Amazon (212[.]11.64.250), the threat actor hosted a PowerShell script named “DecryptVeeamPasswords.ps1” that was used to target the backup application.
As Amazon explains, threat actors commonly target backup infrastructure before deploying ransomware to prevent the recovery of encrypted files from backups.
The threat actor's “operational notes” also contained multiple references to attempting to exploit various vulnerabilities, including CVE-2019-7192 (QNAP RCE), CVE-2023-27532 (Veeam information disclosure), and CVE-2024-40711 (Veeam RCE).
The report says that the attacker repeatedly failed when attempting to breach patched or locked-down systems, but instead of continuing to try to gain access, they moved on to easier targets.
While Amazon believes the threat actor has a low-to-medium skill set, that skill set was greatly amplified through the use of AI.
The researchers say the threat actor used at least two large language model providers throughout the campaign to:
- Generate step-by-step attack methodologies
- Develop custom scripts in multiple programming languages
- Create reconnaissance frameworks
- Plan lateral movement strategies
- Draft operational documentation
In one instance, the actor reportedly submitted a full internal victim network topology, including IP addresses, hostnames, credentials, and known services, to an AI service and asked for help spreading further into the network.
Amazon says the campaign demonstrates how commercial AI services are lowering the barrier to entry for threat actors, enabling them to carry out attacks that would normally be beyond their skill set.
The company recommends that FortiGate admins not expose management interfaces to the internet, ensure MFA is enabled, ensure VPN passwords are not the same as those for Active Directory accounts, and harden backup infrastructure.
Google recently reported that threat actors are abusing Gemini AI across all stages of cyberattacks, mirroring what Amazon observed in this campaign.
