Eilmeldung
RUМошенники рассылают невестам письма от имени «Госуслуг» об отмене регистрации бракаITSpagna, incendio boschivo: 12 morti e 23 dispersi ad AlmeríaCN国产靶向药恩沙替尼显著降低肺癌术后复发及脑转移风险RUРоссийская теннисистка Пушкарева вышла в финал юниорского УимблдонаARدراسة جديدة تتحدى مفاهيم زراعة الرئة لمرضى سرطان المرحلة الرابعةARتقارير: مدرب فاماليكاو يقترب من ستراسبورغ، والولايات المتحدة تتطلع لاستضافة مونديال الأندية 2029، وبيلينغهام يقود إنجلتراCN湖南江永县早稻抢收抢插 科技赋能粮食生产UKRyanair Passenger Nearly Sucked Out of Shattered Window Mid-FlightINTLTyphoon Bavi Triggers Deadly Landslides in the PhilippinesRUКитайская ракета Long March 10B совершила успешную посадкуRUМошенники рассылают невестам письма от имени «Госуслуг» об отмене регистрации бракаITSpagna, incendio boschivo: 12 morti e 23 dispersi ad AlmeríaCN国产靶向药恩沙替尼显著降低肺癌术后复发及脑转移风险RUРоссийская теннисистка Пушкарева вышла в финал юниорского УимблдонаARدراسة جديدة تتحدى مفاهيم زراعة الرئة لمرضى سرطان المرحلة الرابعةARتقارير: مدرب فاماليكاو يقترب من ستراسبورغ، والولايات المتحدة تتطلع لاستضافة مونديال الأندية 2029، وبيلينغهام يقود إنجلتراCN湖南江永县早稻抢收抢插 科技赋能粮食生产UKRyanair Passenger Nearly Sucked Out of Shattered Window Mid-FlightINTLTyphoon Bavi Triggers Deadly Landslides in the PhilippinesRUКитайская ракета Long March 10B совершила успешную посадку
Newsgather
BackTens of Thousands of Fortinet Firewalls and VPNs Compromised in Global Hacking Campaign
Tens of Thousands of Fortinet Firewalls and VPNs Compromised in Global Hacking Campaign
In Entwicklung
TechCrunch17.06.2026Technik2 dk okumaUnited States

Tens of Thousands of Fortinet Firewalls and VPNs Compromised in Global Hacking Campaign

Auf einen Blick

  • Cybercriminals have compromised over 30,000 Fortinet firewalls and VPNs globally in a campaign dubbed FortiBleed.
  • Hackers exploit weak or reused passwords to gain access, using compromised devices to steal more credentials and expand their reach.
  • Major companies like Accenture, Comcast, and Samsung are among the victims.

KI-generierte Zusammenfassung

Warum es wichtig ist

A global hacking campaign, dubbed FortiBleed, is compromising tens of thousands of Fortinet firewalls and VPNs by exploiting weak or reused passwords. The campaign uses automated tools to scan for vulnerable devices and leverages lists of known credentials to gain access.

Schriftgröße

Cybercriminals have compromised tens of thousands of Fortinet firewalls and VPNs used by major companies all over the world, according to two cybersecurity firms.

The widespread hacking campaign, which is ongoing and has been dubbed FortiBleed, appears to not involve abusing any unknown vulnerability in the targeted devices, but rather on a more basic issue: Companies may not be changing passwords to the firewall, nor making sure that the credentials they use for sensitive systems exposed on the internet are not already known by hackers.

In this campaign, hackers are first using automated tools to scan the internet for exposed Fortinet firewalls and VPNs. Then, they are breaking into the devices thanks to lists of previously known passwords. At that point, the cybercriminals can steal more sensitive data from the victim companies, cybersecurity firms Hudson Rock and SOCRadar wrote in their reports that they published this week.

“Once a device is compromised, [the hackers] use it as a listening post, monitoring traffic passing through and collecting any additional credentials that flow by. Those freshly collected passwords are then fed back into the scanner to compromise even more devices. The system feeds itself,” SOCRadar wrote.

Hudson Rock said they found evidence that suggests more than 73,000 unique Fortinet URLs have been hacked, while SOCRadar said the total of hacked devices is more than 30,000.

According to Hudson Rock, the hacked companies include: Accenture, Comcast, Foxconn, Lenovo, Oracle, Samsung, Siemens, and PwC.

A Lenovo spokesperson acknowledged receipt of TechCrunch’s request for comment but did not respond. None of the other companies responded to a request for comment.

According to both Hudson Rock and SOCRadar, the countries with the most affected devices are India, the United States, Taiwan, and Mexico. But both companies say there are victims all over the world. As for industries, the most affected ones are IT services, construction materials, and telecommunications, according to Hudson Rock. Government agencies are also among the victims, per SOCRadar. Both cybersecurity companies said the group behind the hacking campaign appears to be Russian-speaking.

Fortinet did not respond to a request for comment.

Hudson Rock and SOCRadar’s reports are based on the discovery of a list of credentials for Fortinet devices and associated companies. This hacking campaign was first reported by security researcher Bob Diachenko over the weekend. Independent cybersecurity researcher Kevin Beaumont said in a blog post on Wednesday that he analyzed the data and confirmed the data “is legit.”

Worauf zu achten ist

KI-Ausblick — Möglichkeiten, keine Fakten

  • Further exploitation of Fortinet devices and other network security products with similar vulnerabilities.

    Wahrscheinlich · Innerhalb von Wochen

  • Increased investment in cybersecurity solutions by affected companies and governments.

    Sehr wahrscheinlich · Innerhalb von Monaten

Offene Fragen

  • What specific actions will Fortinet take to address this vulnerability?
  • Will affected companies face regulatory penalties?
  • What is the extent of data stolen from victim organizations?

Verwandte Themen

This article was originally published by TechCrunch.

Ähnliche Meldungen

Rocket Report: Asia's Notable Rocket Debuts and Industry Developments
In Entwicklung·36 dk önce

Rocket Report: Asia's Notable Rocket Debuts and Industry Developments

Asia is set for notable rocket debuts with China's Long March 10B and India's Skyroot Vikram-1. The report also covers RFA's second launch attempt, the final Pegasus rocket flight, Impulse Space entering military launch competition, Isar Aerospace's Canadian launch site plans, Atlas V's final Amazon Leo mission, ArianeGroup's fairing deal, concerns over SpaceX's Transporter missions, ArianeGroup's engine upgrades, Falcon 9's reuse record, and Blue Origin's capital raise.

Ars Technica
Mehr zu diesem Themacybersecurity