7 Sources
[1]
AWS says 600+ FortiGate firewalls hit in AI-augmented attack
Off-the-shelf tools helped Russian-speaking cybercrime group run riot

Cybercriminals armed with off-the-shelf generative AI tools compromised more than 600 internet-exposed FortiGate firewalls across 55 countries in just over a month, according to a new incident report from AWS. The campaign, which ran from mid-January to mid-February, relied less on clever zero-days and more on the equivalent of trying every digital door handle - just at machine speed, with AI lending a hand behind the scenes. AWS says the financially motivated Russian-speaking crew behind the campaign scanned for exposed FortiGate management interfaces, tried commonly reused or weak credentials, and then hoovered up configuration files once inside, giving them a roadmap of victim networks. The cloud giant's security team says the actor used multiple commercial AI tools to generate attack playbooks, scripts, and operational notes, effectively allowing a relatively low-skilled outfit to run a campaign that would previously have required more people or time. Investigators even found evidence of AI-generated code and planning artifacts on compromised infrastructure, suggesting the tools were embedded throughout the workflow rather than just used for the odd bit of scripting. "The volume and variety of custom tooling would typically indicate a well-resourced development team," said CJ Moses, CISO at Amazon. "Instead, a single actor or very small group generated this entire toolkit through AI-assisted development." Once the firewall was cracked, the attackers pulled configuration files containing administrator and VPN credentials, network topology details, and firewall rules. From there, they moved deeper into environments, going after Active Directory, dumping credentials, and probing for ways to move laterally. Backup systems, including Veeam servers, were also on the shopping list.
AWS says the tooling it observed was functional but rough around the edges, with simplistic parsing logic and the sort of redundant comments that suggest a machine wrote the first draft. That didn't stop it from being effective enough for broad automation, though the miscreants reportedly tended to abandon targets that put up too much resistance and move on to softer ones, reinforcing the idea that volume rather than finesse was the winning strategy. Geographically, the activity was opportunistic rather than tightly targeted, with victims spread across multiple regions, including parts of Europe, Asia, Africa, and Latin America. Clusters of activity suggested that some compromises may have enabled access to managed service providers or larger shared environments, amplifying downstream risk. The report leans heavily on the idea that basic hygiene - keeping management interfaces off the public internet, enforcing multi-factor authentication, and not recycling passwords - would have shut down much of the activity before it got going. The findings land just weeks after Google warned that criminals are increasingly wiring generative AI directly into their operations, including its own Gemini AI chatbot, for tasks ranging from reconnaissance and target profiling to phishing and malware development.
[2]
Hackers Used AI to Breach 600 Firewalls in Weeks, Amazon says
Over the last five weeks, a limited number of hackers broke into more than 600 firewalls across dozens of countries with the help of widely available artificial intelligence tools, according to security research from Amazon.com Inc. The small group of hackers - or possibly just one person - used commercial generative AI services to quickly take advantage of weak security measures, such as simple sign-in credentials or single-factor authentication, according to a report from the company. The techniques let the intruders compromise firewalls at a scale that would have otherwise required a larger and more skilled team. The Russian-speaking hackers leveraged their access to the security devices, spread across 55 countries, to move further into some victims' networks in ways that appeared to be setting up ransomware attacks, the report states. The widespread breaches, which Amazon said were financially motivated, are the latest example of hackers using AI to ease and speed cyberattacks. "It's like an AI-powered assembly line for cybercrime, helping less skilled workers produce at scale," CJ Moses, who leads security engineering and operations at Amazon, said in the report. It doesn't identify the AI tools the hackers used nor does it name the victims. Researchers believe the hackers opportunistically broke into firewalls with weak protections, rather than targeting certain industries, according to the report. The compromised devices were spread across South Asia, Latin America, the Caribbean, West Africa, Northern Europe and Southeast Asia. When the hackers encountered more hardened security, they simply moved on to other targets, Moses said. And once inside a network, they "largely failed when attempting to exploit anything beyond the most straightforward, automated attack paths," the report states. 
Last year, a hacker leveraged technology from Anthropic PBC as part of a vast cybercrime scheme that's impacted at least 17 organizations, Anthropic said, marking what was then an "unprecedented" instance of attackers weaponizing a commercial artificial intelligence tool on a widespread basis. Amazon expects more of this to come. "Organizations should anticipate that AI-augmented threat activity will continue to grow in volume from both skilled and unskilled adversaries," Moses said.
[3]
Amazon: AI-assisted hacker breached 600 FortiGate firewalls in 5 weeks
Amazon is warning that a Russian-speaking hacker used multiple generative AI services as part of a campaign that breached more than 600 FortiGate firewalls across 55 countries in five weeks. A new report by CJ Moses, CISO of Amazon Integrated Security, says that the hacking campaign occurred between January 11 and February 18, 2026, and did not rely on any exploits to breach Fortinet firewalls. Instead, the threat actor targeted exposed management interfaces and weak credentials that lacked MFA protection, then used AI to help automate access to other devices on the breached network. Moses says the compromised firewalls were observed across South Asia, Latin America, the Caribbean, West Africa, Northern Europe, and Southeast Asia, among other regions. Amazon says it learned about the campaign after finding a server hosting malicious tools used to target Fortinet FortiGate firewalls. As part of the campaign, the threat actor targeted FortiGate management interfaces exposed to the internet by scanning for services running on ports 443, 8443, 10443, and 4443. The targeting was reportedly opportunistic rather than against any specific industries. Rather than exploiting zero-days, as we commonly see targeting FortiGate devices, the actor used brute-force attacks with common passwords to gain access to devices. Once breached, the threat actor extracted the device's configuration settings, which include: These configuration files were then parsed and decrypted using what appears to be AI-assisted Python and Go tools. "Following VPN access to victim networks, the threat actor deploys a custom reconnaissance tool, with different versions written in both Go and Python," explained Amazon. 
"Analysis of the source code reveals clear indicators of AI-assisted development: redundant comments that merely restate function names, simplistic architecture with disproportionate investment in formatting over functionality, naive JSON parsing via string matching rather than proper deserialization, and compatibility shims for language built-ins with empty documentation stubs." "While functional for the threat actor's specific use case, the tooling lacks robustness and fails under edge cases -- characteristics typical of AI-generated code used without significant refinement." These tools were used to automate reconnaissance on the breached networks by analyzing routing tables, classifying networks by size, running port scans using the open-source gogo scanner, identifying SMB hosts and domain controllers, and using Nuclei to look for HTTP services. The researchers say that while the tools were functional, they commonly failed in more hardened environments. Operational documentation written in Russian detailed how to use Meterpreter and mimikatz to conduct DCSync attacks against Windows domain controllers and extract NTLM password hashes from the Active Directory database. The campaign also specifically targeted Veeam Backup & Replication servers using custom PowerShell scripts, compiled credential-extraction tools, and attempted to exploit Veeam vulnerabilities. On one of the servers found by Amazon (212[.]11.64.250), the threat actor hosted a PowerShell script named "DecryptVeeamPasswords.ps1" that was used to target the backup application. As Amazon explains, threat actors often target backup infrastructure before deploying ransomware to prevent the restoration of encrypted files from backups. The threat actors' "operational notes" also contained multiple references to trying to exploit various vulnerabilities, including CVE-2019-7192 (QNAP RCE), CVE-2023-27532 (Veeam information disclosure), and CVE-2024-40711 (Veeam RCE). 
The report says that the attacker repeatedly failed when attempting to breach patched or locked-down systems, but instead of continuing to try to gain access, they moved on to easier targets. While Amazon believes the threat actor has a low-to-medium skill set, that skill set was greatly amplified through the use of AI. The researchers say the threat actor utilized at least two large language model providers throughout the campaign to: In one instance, the actor reportedly submitted a full internal victim network topology, including IP addresses, hostnames, credentials, and known services, to an AI service and asked for help spreading further into the network. Amazon says the campaign demonstrates how commercial AI services are lowering the barrier to entry for threat actors, enabling them to carry out attacks that would normally be outside their skill set. The company recommends that FortiGate admins not expose management interfaces to the internet, ensure MFA is enabled, ensure VPN passwords are not the same as those for Active Directory accounts, and harden backup infrastructure. Google recently reported that threat actors are abusing Gemini AI across all stages of cyberattacks, mirroring what Amazon observed in this campaign.
[4]
Russian hacker uses multiple AI tools to break hundreds of firewalls
* Russian hacker brute-forced FortiGate firewalls using weak credentials
* AI-generated scripts enabled data parsing, reconnaissance, and lateral movement
* The campaign targeted Veeam servers; attacker abandoned hardened systems

A Russian hacker was recently seen brute-forcing their way into hundreds of firewalls - but what makes this campaign really stand out is the fact that the seemingly low-skilled threat actor was able to pull off the attacks with the help of Generative Artificial Intelligence (GenAI). In a new analysis, Amazon Integrated Security CISO CJ Moses explained how researchers observed a threat actor "systematically" scanning for exposed FortiGate management interfaces across ports 443, 8443, 10443, and 4443. After finding a potential target, they brute-forced their way in, trying countless combinations of commonly used and weak credentials, until one worked.

A little rough around the edges

Once inside, the hacker extracted full device configuration files (SSL-VPN user credentials with recoverable passwords, administrative credentials, firewall policies and internal network architecture, and more) and parsed, decrypted, and organized them using AI-generated Python scripts. They then used the recovered VPN credentials to connect to internal networks, deploying custom AI-generated reconnaissance tools (written in Go and Python) and moving to Active Directory. "Analysis of the source code reveals clear indicators of AI-assisted development: redundant comments that merely restate function names, simplistic architecture with disproportionate investment in formatting over functionality, naive JSON parsing via string matching rather than proper deserialization, and compatibility shims for language built-ins with empty documentation stubs," Moses said. "While functional for the threat actor's specific use case, the tooling lacks robustness and fails under edge cases -- characteristics typical of AI-generated code used without significant refinement."
The attacker also specifically targeted Veeam Backup & Replication servers, deploying credential extraction tools and attempting exploitation of known Veeam vulnerabilities. All of this was done in a span of just a few weeks, between January 11 and February 18, 2026, leading the researchers to believe the attacker is rather unskilled - as throughout their operations, they tried exploiting various CVEs but largely failed when targets were patched or hardened. They frequently abandoned well-protected environments and moved on to easier targets. Via BleepingComputer
[5]
Hacker used commercial AI to breach 600 firewalls, AWS reveals
AWS describes the campaign as an 'AI-powered assembly line for cybercrime'. Commercial AI services are lowering the technical barrier needed to commit cybercrimes, and Amazon warns that this trend will continue. Amazon Web Services (AWS) says it has observed what it describes as a Russian-speaking financially motivated threat actor that leveraged multiple commercial generative AI (GenAI) services to compromise more than 600 FortiGate devices across more than 55 countries over the past month. FortiGate is a newer generation firewall that provides advanced network protection when compared to more traditional ones. AWS describes the hacker as an "unsophisticated" individual or small group armed with AI tools that help them achieve operational scale to commit crime, something that would previously have required a significantly larger and more skilled team. The campaign stood out to AWS because of the hacker group's use of multiple commercial GenAI services. AWS describes the campaign as an "AI-powered assembly line for cybercrime, helping less skilled workers produce at scale," according to a blog authored by CJ Moses, who leads security engineering and operations at Amazon. The threat actor compromised globally dispersed FortiGate appliances, accessing credentials and device configuration information. They then used these stolen credentials to connect to the victims' internal networks to access more credentials and attempt to access backup infrastructure. According to AWS' observations, FortiGate vulnerabilities were not exploited by the hacker. Instead, the campaign exploited exposed management ports and weak credentials with single-factor authentication. Moreover, when the group encountered more secure environments, they moved on to softer targets rather than persisting. This means their power lies in AI-augmented efficiency and scale, not deeper technical skills.
The group's targeting seemed opportunistic rather than sector-specific, targeting vulnerable appliances via mass scanning using AI tools, AWS adds. The threat actor in this campaign is not known to be associated with any advanced persistent threat group with state-sponsored resources, the blog explains. Amazon says it was not compromised in this incident. AWS recommends that organisations running FortiGate appliances should ensure management interfaces are not exposed to the internet. It advises that organisations change all default and common credentials on FortiGate appliances, including administrative and VPN user accounts. In addition, AWS recommends organisations enforce unique, complex passwords for all accounts.
[6]
AI Let 'Unsophisticated' Hacker Breach 600 FortiGate Firewalls, AWS Says, As AI Lowers 'The Barrier' For Threat Actors
"[AI] is making certain types of attacks more accessible to less sophisticated actors who can now leverage AI to enhance their capabilities and operate at greater scale," said Amazon's CSO Stephen Schmidt, regarding AWS' report that found over 600 Fortinet FortiGate firewalls were compromised. More than 600 Fortinet FortiGate firewalls were hacked by "unsophisticated" cybercriminals who used off-the-shelf generative AI tools to scale the attack to over 55 countries, according to a new incident report from Amazon Web Services. "What's significant is how AI enabled this actor to operate at scale, generating attack plans, developing tools, and automating operations in ways that would have previously required substantial resources and technical expertise," said Stephen Schmidt, senior vice president and chief security officer at Amazon, in a LinkedIn post. The Amazon Threat Intelligence report said the attacker was a Russian-speaking actor, or a small group, with limited technical capabilities and not associated with any threat group with state-sponsored resources. "This is part of a pattern we're seeing where AI is lowering the barrier to entry for threat actors," the Amazon CSO said. [Related: Andy Jassy On AWS' $244B Backlog, Trainium4 And AI Chips Strategy] "It's making certain types of attacks more accessible to less sophisticated actors who can now leverage AI to enhance their capabilities and operate at greater scale," he added. The cyberattack ran from January 11 to February 18, 2026, and compromised over 600 FortiGate devices across 55 countries in Africa, Asia, Latin and North America, and Europe. CRN reached out to Fortinet for comment on the report, but had not responded by press time. The cyber hackers used several commercial generative AI (GenAI) services to implement and scale well-known attack techniques throughout every phase of their operation, according to AWS. 
The hackers used at least two commercial LLMs to plan the attacks, generate tools, and assist with the operation, including duration and success rate assessments. "These plans reference academic research on offensive AI agents, suggesting the actor follows emerging literature on AI-assisted penetration testing," said CJ Moses, chief information security officer and vice president of security engineering in the AWS security report. "The AI produces technically accurate command sequences, but the actor struggles to adapt when conditions differ from the plan," Moses said. The threat actor used AI to generate comprehensive attack methodologies complete with step-by-step exploitation instructions, expected success rates, time estimates, and prioritized task trees. AWS said the actor used multiple AI services in complementary roles: One serving as the primary tool developer, attack planner, and operational assistant; and a second used as a supplementary attack planner when the actor needs help pivoting within a specific compromised network. "They are likely a financially motivated individual or small group who, through AI augmentation, achieved an operational scale that would have previously required a significantly larger and more skilled team," said Moses. "Yet, based on our analysis of public sources, they successfully compromised multiple organizations' Active Directory environments, extracted complete credential databases, and targeted backup infrastructure, a potential precursor to ransomware deployment," Moses said. The hackers' infrastructure contained numerous scripts in multiple programming languages "bearing hallmarks of AI generation, including configuration parsers, credential extraction tools, VPN connection automation, mass scanning orchestration, and result aggregation dashboards," according to the AWS report. The threat actors scanned FortiGate management interfaces exposed to the internet and sought to gain access using commonly reused credentials. 
They developed AI-assisted Python scripts to parse, decrypt and organize these stolen configurations. Once VPN access to victim networks was gained, the cyber criminals deployed a custom reconnaissance tool -- likely developed with AI services -- with different versions written in both Go and Python. Inside the victims' networks, the threat actor leveraged open-source offensive tools including domain compromise using Meterpreter; using standard poisoning tools and remote command execution on Windows hosts; and exploitation attempts leveraging known vulnerabilities in Veeam Backup & Replication servers. "Notably, when this actor encountered hardened environments or more sophisticated defensive measures, they simply moved on to softer targets rather than persisting, underscoring that their advantage lies in AI-augmented efficiency and scale, not in deeper technical skill," Moses said. "Commercial AI services are enabling even unsophisticated threat actors to conduct cyberattacks at scale -- a trend Amazon Threat Intelligence has been tracking closely," said Moses. AWS said its infrastructure was not involved in the campaign and that no exploitation of FortiGate vulnerabilities was observed. AWS said customers running FortiGate appliances should take immediate action by ensuring management interfaces are not exposed to the internet. The report also says customers need to change all default and common credentials on FortiGate appliances, including administrative and VPN user accounts. Other actions that should be taken include: auditing for password reuse between FortiGate VPN credentials and Active Directory domain accounts; implementing multi-factor authentication for all VPN access; and rotating service account credentials. "AI is changing security on both sides of the equation, but organizations that combine strong security fundamentals with AI-powered tools are well-positioned to stay ahead," Amazon's CSO Schmidt said.
[7]
Amazon AI Cyberattack Hits 600 FortiGate Devices
The attackers did not exploit advanced vulnerabilities. Instead, they targeted exposed management ports and weak, single-factor authentication settings. The report shows how AI is reshaping threat operations. Commercially available AI tools were used to generate attack scripts, automate reconnaissance, and plan lateral movement inside networks. CJ Moses, Amazon CISO, stated that no FortiGate software vulnerabilities were exploited. Rather, "fundamental security gaps" allowed a low-to-medium-skilled actor to scale attacks rapidly. When stronger defenses were detected, the actor shifted to easier targets, highlighting efficiency over sophistication.
A Russian-speaking cybercriminal armed with commercial generative AI tools compromised more than 600 FortiGate firewalls across 55 countries between January and February 2026. AWS security researchers discovered the campaign relied on AI-generated scripts and automated attacks targeting weak credentials rather than sophisticated exploits, demonstrating how AI is lowering the barrier for cybercrime.
A financially motivated Russian-speaking threat actor breached over 600 firewalls across 55 countries in just five weeks, relying heavily on commercial generative AI tools to automate and scale what would traditionally require a larger, more skilled team [1][2]. According to an incident report from AWS, the AI cyberattack campaign ran from January 11 to February 18, 2026, targeting FortiGate firewalls through exposed management interfaces and weak security credentials rather than sophisticated zero-day vulnerabilities [3]. CJ Moses, CISO at Amazon, described the operation as an "AI-powered assembly line for cybercrime, helping less skilled workers produce at scale" [5]. The volume and variety of custom tooling observed would typically indicate a well-resourced development team, yet investigators believe a single actor or very small group generated the entire toolkit through AI-assisted development [1].
Source: Analytics Insight
The campaign began with systematic scanning for FortiGate management interfaces exposed to the internet on ports 443, 8443, 10443, and 4443 [3][4]. Rather than exploiting vulnerabilities, the attacker deployed brute-force attacks using commonly reused or weak credentials protected only by single-factor authentication [1][5]. Once inside, the attackers extracted configuration files containing SSL-VPN user credentials with recoverable passwords, administrative credentials, network topology details, and firewall rules [3]. These configuration files were then parsed and decrypted using AI-generated attack scripts written in Python and Go, enabling rapid lateral movement within networks [3][4]. The compromised devices were spread across South Asia, Latin America, the Caribbean, West Africa, Northern Europe, and Southeast Asia, suggesting opportunistic targeting rather than sector-specific focus [2][3].
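The scan-then-guess pattern described above leaves a clear trace in the appliance's own login events, which is where a defender can catch it. The Python script below is an added example written for this page, not code from the AWS report or from any of the cited outlets: it parses constructed FortiGate-style key=value event lines (the sample lines are made up, and the field names `srcip`, `dstport`, `status`, `user` and `action` are assumptions modelled on FortiOS event logging) and raises an alert when one source accumulates repeated failed logins against a management port inside a short window, marking the case where a successful login follows the failures so that it is escalated first.

```python
"""Detect password guessing against an appliance management interface from
constructed FortiGate-style login events (key=value lines)."""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Management ports the report says were scanned for exposed interfaces.
MGMT_PORTS = {443, 8443, 10443, 4443}
KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

# Constructed sample events (not a real device capture). Field names are
# assumptions modelled on FortiOS event logging; 203.0.113.7 is a documentation address.
SAMPLE_LOGS = """\
date=2026-01-12 time=03:10:01 type=event subtype=system action=login status=failed user="admin" srcip=203.0.113.7 dstport=8443 reason="passwd_invalid"
date=2026-01-12 time=03:10:03 type=event subtype=system action=login status=failed user="admin" srcip=203.0.113.7 dstport=8443 reason="passwd_invalid"
date=2026-01-12 time=03:10:05 type=event subtype=system action=login status=failed user="fortinet" srcip=203.0.113.7 dstport=8443 reason="passwd_invalid"
date=2026-01-12 time=03:10:08 type=event subtype=system action=login status=failed user="admin" srcip=203.0.113.7 dstport=8443 reason="passwd_invalid"
date=2026-01-12 time=03:10:09 type=event subtype=system action=login status=failed user="admin" srcip=203.0.113.7 dstport=8443 reason="passwd_invalid"
date=2026-01-12 time=03:10:12 type=event subtype=system action=login status=success user="admin" srcip=203.0.113.7 dstport=8443 reason="none"
date=2026-01-12 time=08:00:00 type=event subtype=system action=login status=failed user="jsmith" srcip=10.20.0.5 dstport=443 reason="passwd_invalid"
date=2026-01-12 time=08:00:30 type=event subtype=system action=login status=success user="jsmith" srcip=10.20.0.5 dstport=443 reason="none"
"""


def parse_line(line):
    """Turn one key=value line into a dict with a datetime and an int port."""
    event = {k: v.strip('"') for k, v in KV_RE.findall(line)}
    event["ts"] = datetime.strptime(f"{event['date']} {event['time']}", "%Y-%m-%d %H:%M:%S")
    event["dstport"] = int(event["dstport"])
    return event


def detect_bruteforce(lines, threshold=5, window=timedelta(minutes=5)):
    """Return alerts keyed by source IP.

    An alert is raised once a source reaches `threshold` failed logins against a
    management port within `window`. `success_after_failures` becomes True if a
    successful login from the same source follows those failures, which is the
    case to triage first: a guessed credential that worked."""
    events = sorted((parse_line(l) for l in lines if l.strip()), key=lambda e: e["ts"])
    recent = defaultdict(list)  # srcip -> [(timestamp, user)] failures inside the window
    alerts = {}
    for e in events:
        if e.get("action") != "login" or e["dstport"] not in MGMT_PORTS:
            continue
        ip = e["srcip"]
        if e["status"] == "failed":
            # Drop failures that have aged out of the sliding window, then add this one.
            recent[ip] = [(t, u) for t, u in recent[ip] if e["ts"] - t <= window]
            recent[ip].append((e["ts"], e["user"]))
            if len(recent[ip]) >= threshold:
                alerts[ip] = {
                    "failures": len(recent[ip]),
                    "users": {u for _, u in recent[ip]},  # spraying shows as many users
                    "first_seen": recent[ip][0][0],
                    "success_after_failures": alerts.get(ip, {}).get("success_after_failures", False),
                }
        elif e["status"] == "success" and ip in alerts:
            alerts[ip]["success_after_failures"] = True
    return alerts


if __name__ == "__main__":
    for ip, alert in detect_bruteforce(SAMPLE_LOGS.splitlines()).items():
        print(ip, alert)
```

On the constructed sample the script alerts on 203.0.113.7 only: five failures against port 8443 in eleven seconds across the `admin` and `fortinet` accounts, followed by a success. The single mistyped password from 10.20.0.5 never reaches the threshold. In production the same logic runs over the SIEM's copy of the appliance events, and the threshold and window are tuned to the normal rate of admin mistakes on that device.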
Source: Silicon Republic
Analysis of the source code revealed clear indicators of AI-assisted development, including redundant comments that merely restate function names, simplistic architecture with disproportionate investment in formatting over functionality, and naive JSON parsing via string matching rather than proper deserialization [3][4]. While functional for the threat actor's specific use case, the tooling lacked robustness and failed under edge cases—characteristics typical of AI-generated code used without significant refinement [3]. The attacker utilized at least two large language model providers throughout the campaign to generate reconnaissance tools, develop credential extraction utilities, and create operational documentation [3]. In one instance, the actor submitted a full internal victim network topology, including IP addresses, hostnames, credentials, and known services, to an AI service and requested help spreading further into the network [3]. This demonstrates how generative AI tools are fundamentally changing the threat landscape by enabling less sophisticated actors to conduct operations previously reserved for well-resourced teams.
Source: BleepingComputer
Following VPN access to victim networks, the threat actor deployed custom reconnaissance tools to analyze routing tables, classify networks by size, run port scans, identify SMB hosts and domain controllers, and search for HTTP services [3]. The campaign specifically targeted Active Directory environments, using tools like Meterpreter and mimikatz to conduct DCSync attacks against Windows domain controllers and extract NTLM password hashes [3]. Notably, the attacker showed particular interest in Veeam Backup & Replication servers, deploying custom PowerShell scripts and compiled credential-extraction tools while attempting to exploit known Veeam vulnerabilities including CVE-2023-27532 and CVE-2024-40711 [3]. Security experts note that threat actors typically target backup infrastructure before deploying ransomware to prevent restoration of encrypted files from backups, suggesting the campaign was setting up for ransomware attacks [2][3]. When encountering more hardened security environments, the attacker simply moved on to easier targets rather than persisting, reinforcing that volume rather than technical sophistication was the winning strategy [1][2].

AWS emphasizes that basic cybersecurity hygiene measures would have shut down much of the activity before it gained traction [1]. Recommendations include ensuring FortiGate management interfaces are not exposed to the internet, enforcing multi-factor authentication, implementing unique complex passwords for all accounts, and ensuring VPN passwords differ from Active Directory credentials [3][5]. Moses warns that organizations should anticipate AI-augmented threat activity will continue to grow in volume from both skilled and unskilled adversaries [2]. The findings arrive weeks after Google warned that criminals are increasingly integrating generative AI directly into their operations, including abuse of its Gemini AI chatbot for tasks ranging from reconnaissance and target profiling to phishing and malware development [1][3]. Last year, Anthropic reported that a hacker leveraged its technology as part of a vast cybercrime scheme impacting at least 17 organizations, marking what was then an unprecedented instance of attackers weaponizing commercial artificial intelligence tools on a widespread basis [2].
Summarized by Navi