Home / Technology / Fortinet Firewalls Hacked: Passwords Exposed!
Fortinet Firewalls Hacked: Passwords Exposed!
17 Jun
Summary
- Tens of thousands of Fortinet firewalls compromised globally.
- Hackers exploited weak and reused passwords, not new vulnerabilities.
- Compromised devices are used to steal more credentials and data.
A significant cyberattack, named FortiBleed, has impacted tens of thousands of Fortinet firewalls and VPNs globally. This ongoing campaign exploits a fundamental security lapse: the failure of companies to change default passwords or secure internet-exposed credentials. Hackers are systematically scanning for vulnerable Fortinet devices and breaching them using lists of previously leaked passwords.
Upon successful intrusion, attackers leverage these devices as listening posts to monitor network traffic and harvest further credentials. These newly acquired passwords are then fed back into the scanning process, amplifying the attack's reach. Reports indicate over 73,000 Fortinet URLs may have been compromised, with estimates exceeding 30,000 devices.
The affected countries include India, the United States, Taiwan, and Mexico, with victims spanning IT services, construction, telecommunications, and government sectors. The perpetrators are believed to be a Russian-speaking group. This campaign highlights the critical need for robust password management and security hygiene to protect sensitive corporate infrastructure.
