Amazon: AI-assisted hacker breached 600 Fortinet firewalls in 5 weeks

A Russian-speaking threat actor used multiple generative AI services to breach more than 600 FortiGate firewalls across 55 countries in five weeks, targeting exposed management interfaces and weak credentials rather than exploiting zero-days. The campaign used AI-assisted tooling (including a custom MCP server and several LLMs) to automate reconnaissance, lateral movement, and attacks on Veeam backup servers, prompting Amazon to recommend taking management interfaces off the internet, enabling MFA, and hardening backups. #FortiGate #Veeam

Key points

  • The attacker breached over 600 FortiGate firewalls across 55 countries by targeting exposed management interfaces and weak credentials without exploiting zero-days.
  • Generative AI and multiple LLM providers were used to generate attack methodologies, custom scripts, reconnaissance frameworks, and operational documentation.
  • Compromised FortiGate configurations leaked VPN and administrative credentials, network topology, and other data used to pivot into victim networks.
  • A custom MCP server (ARXON) and tools like CHECKER2 fed reconnaissance into LLMs to automate large-scale scanning and attack planning, though AI-generated code showed reliability issues.
  • The campaign targeted Veeam backup servers and attempted to exploit known CVEs against them, leading Amazon to recommend removing internet-facing management interfaces, enabling MFA, and hardening backup systems.
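
The two exposure patterns the article describes (admin services reachable on the WAN interface, admin accounts without trusted-host or two-factor restrictions) and the reason a leaked backup is so damaging (it carries admin and VPN secrets) can all be checked offline against a FortiGate configuration backup. The script below is an added example, not code from the article, Amazon, or Fortinet; it assumes the FortiOS CLI backup syntax (`config` / `edit` / `set` / `next` / `end`) and the setting names `allowaccess`, `role`, `trusthost1`, `two-factor`, `password` and `psksecret` as they appear in FortiOS backups, and the sample configuration embedded in it is constructed for illustration, not a real device.

```python
"""Audit a FortiGate configuration backup for the weaknesses described above.

Added example (not from the article or Fortinet). Assumes FortiOS CLI backup
syntax; SAMPLE_CONFIG below is constructed test data, not a real device."""

import re

# Constructed sample in FortiOS backup syntax (not real data): one admin
# account is unrestricted, the other has a trusted host and a FortiToken.
SAMPLE_CONFIG = """\
#config-version=constructed-example
config system interface
    edit "wan1"
        set vdom "root"
        set ip 203.0.113.10 255.255.255.0
        set allowaccess ping https ssh
        set role wan
    next
    edit "internal"
        set vdom "root"
        set ip 10.0.0.1 255.255.255.0
        set allowaccess ping https ssh http fgfm
        set role lan
    next
end
config system admin
    edit "admin"
        set accprofile "super_admin"
        set vdom "root"
        set password ENC REDACTED
    next
    edit "netops"
        set accprofile "super_admin"
        set vdom "root"
        set trusthost1 10.0.0.0 255.255.255.0
        set two-factor fortitoken
        set fortitoken "FTKCONSTRUCTED00"
        set password ENC REDACTED
    next
end
config vpn ipsec phase1-interface
    edit "branch-tun"
        set interface "wan1"
        set psksecret ENC REDACTED
    next
end
"""

# Services that expose the admin UI or a shell; fgfm/ping are not login surfaces.
MGMT_SERVICES = {"http", "https", "ssh", "telnet"}
# Setting names that carry credentials in a backup (assumed FortiOS key names).
SECRET_KEYS = {"password", "passwd", "psksecret", "secret", "private-key"}

_TOKEN = re.compile(r'"([^"]*)"|(\S+)')


def _tokens(line):
    """Split a CLI line into tokens, honouring double-quoted values."""
    return [m.group(1) if m.group(1) is not None else m.group(2)
            for m in _TOKEN.finditer(line)]


def parse_fortios(text):
    """Parse config/edit/set/next/end syntax into nested dicts.

    Shape: {"system interface": {"wan1": {"allowaccess": [...], ...}}}.
    Unnamed config blocks map their 'set' keys directly; 'unset' is ignored.
    """
    root, stack = {}, []
    stack.append(root)
    for raw in text.splitlines():
        toks = _tokens(raw.strip())
        if not toks or toks[0].startswith("#"):
            continue
        kw, args = toks[0], toks[1:]
        if kw == "config":
            stack.append(stack[-1].setdefault(" ".join(args), {}))
        elif kw == "edit":
            stack.append(stack[-1].setdefault(args[0], {}))
        elif kw == "set":
            stack[-1][args[0]] = args[1:]
        elif kw in ("next", "end") and len(stack) > 1:
            stack.pop()
    return root


def exposed_mgmt_interfaces(cfg):
    """WAN-role interfaces that allow HTTP/HTTPS/SSH/Telnet admin access."""
    findings = []
    for name, iface in cfg.get("system interface", {}).items():
        role = iface.get("role", ["undefined"])[0]
        services = sorted(MGMT_SERVICES & set(iface.get("allowaccess", [])))
        if role == "wan" and services:
            findings.append((name, services))
    return findings


def weak_admin_accounts(cfg):
    """Admin accounts with no trusted-host restriction or no two-factor auth.

    FortiOS omits default values from backups, so a missing 'two-factor'
    key means 'disable' and a missing 'trusthost*' key means any source IP.
    """
    findings = {}
    for name, admin in cfg.get("system admin", {}).items():
        issues = []
        if not any("trusthost" in k for k in admin):
            issues.append("no trusthost restriction")
        if admin.get("two-factor", ["disable"])[0] == "disable":
            issues.append("two-factor disabled")
        if issues:
            findings[name] = issues
    return findings


def secret_bearing_paths(cfg, prefix=()):
    """Every setting path that stores a credential: what a leaked backup hands over."""
    out = []
    for key, val in cfg.items():
        if isinstance(val, dict):
            out.extend(secret_bearing_paths(val, prefix + (key,)))
        elif key in SECRET_KEYS:
            out.append(prefix + (key,))
    return out


def audit(text):
    cfg = parse_fortios(text)
    return {
        "exposed_mgmt": exposed_mgmt_interfaces(cfg),
        "weak_admins": weak_admin_accounts(cfg),
        "secrets": secret_bearing_paths(cfg),
    }


if __name__ == "__main__":
    for section, result in audit(SAMPLE_CONFIG).items():
        print(f"{section}: {result}")
```

Run it against `execute backup config` output from a real device instead of `SAMPLE_CONFIG`; the `allowaccess` finding on a `wan`-role interface is the exact condition the article's recommendation says to remove, and `secret_bearing_paths` shows why a stolen backup should be treated as a credential compromise requiring rotation of every admin password and IPsec pre-shared key it contains.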

Read More: https://www.bleepingcomputer.com/news/security/amazon-ai-assisted-hacker-breached-600-fortigate-firewalls-in-5-weeks/