Russian-speaking threat actor uses AI toolkits to breach 600+ Fortinet firewalls


A Russian-speaking, financially motivated threat actor has compromised more than 600 FortiGate firewall devices worldwide after leveraging commercial generative AI tools to automate and scale attacks, the Amazon Web Services security team reported.

The campaign began around January 11 and continued through February 18, 2026, impacting organizations across more than 55 countries, with most infections observed in South Asia, Latin America, the Caribbean, West Africa, Northern Europe, and Southeast Asia. The attackers didn’t exploit zero-day or legacy vulnerabilities in Fortinet’s products. Instead, the operation targeted FortiGate devices that had management interfaces exposed to the internet, used weak or reused passwords, and lacked multi-factor authentication.

Researchers said that during routine threat intelligence operations they uncovered inadequately secured attacker infrastructure hosting malicious tooling, AI-generated attack plans, victim configurations, and custom source code, which gave them insight into the attackers’ TTPs.

The attacker conducted systematic scanning for exposed management interfaces on ports 443, 8443, 10443, and 4443, followed by automated login attempts using commonly reused credentials. Once they gained access, the attackers exfiltrated full device configurations, including credentials, network topology data, and other sensitive information that enabled them to move further into victim networks.
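As an added, defender-side example (not code from the AWS report or from the actor's tooling), the following detector flags the pattern described above: repeated failed admin logins from one source against a FortiGate management port, followed by a successful login from that same source. The log lines are constructed and only approximate FortiGate's key=value event format; the field names (`action`, `status`, `user`, `srcip`, `dstport`) are assumptions to adjust to your own log schema.

```python
"""Flag brute-force-then-success admin logins on FortiGate management ports."""
import re
from collections import defaultdict

# Management ports the campaign scanned, as stated in the report.
MGMT_PORTS = {443, 8443, 10443, 4443}
# Failed attempts from one source before a later success is treated as a compromise.
FAIL_THRESHOLD = 3

KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

# Constructed sample events (TEST-NET addresses, not real device output).
SAMPLE_LOGS = [
    'date=2026-01-12 time=03:14:01 type=event subtype=system action=login status=failed user="admin" srcip=203.0.113.7 dstport=10443',
    'date=2026-01-12 time=03:14:03 type=event subtype=system action=login status=failed user="admin" srcip=203.0.113.7 dstport=10443',
    'date=2026-01-12 time=03:14:05 type=event subtype=system action=login status=failed user="admin" srcip=203.0.113.7 dstport=10443',
    'date=2026-01-12 time=03:14:09 type=event subtype=system action=login status=success user="admin" srcip=203.0.113.7 dstport=10443',
    # One typo by a legitimate admin, then success: below threshold, no alert.
    'date=2026-01-12 time=08:02:11 type=event subtype=system action=login status=failed user="netops" srcip=198.51.100.9 dstport=443',
    'date=2026-01-12 time=08:02:20 type=event subtype=system action=login status=success user="netops" srcip=198.51.100.9 dstport=443',
    # Non-management port: ignored by this rule.
    'date=2026-01-12 time=09:00:00 type=event subtype=system action=login status=failed user="admin" srcip=203.0.113.7 dstport=22',
]


def parse_line(line):
    """Parse one key=value log line into a dict, stripping quotes from values."""
    return {k: v.strip('"') for k, v in KV_RE.findall(line)}


def detect_compromise(lines, threshold=FAIL_THRESHOLD):
    """Return (srcip, user) pairs where a source failed >= threshold logins on a
    management port and then logged in successfully. Events are processed in order."""
    failures = defaultdict(int)
    alerts = []
    for line in lines:
        ev = parse_line(line)
        if ev.get("action") != "login":
            continue
        try:
            port = int(ev.get("dstport", -1))
        except ValueError:
            continue
        if port not in MGMT_PORTS:
            continue
        src = ev.get("srcip", "?")
        if ev.get("status") == "failed":
            failures[src] += 1
        elif ev.get("status") == "success" and failures[src] >= threshold:
            alerts.append((src, ev.get("user", "?")))
    return alerts


if __name__ == "__main__":
    for src, user in detect_compromise(SAMPLE_LOGS):
        print(f"ALERT: likely credential compromise of {user!r} from {src}")
```

Pair the alert with a check for a configuration backup or download event from the same session, since config exfiltration was the actor's next step.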

While AWS’s report doesn’t mention the AI services used in the campaign, independent researchers from Cyber and Ramen and Ctrl-Alt-Int3l linked the tooling to Anthropic’s Claude and DeepSeek. The latter was reportedly used to generate scripts for reconnaissance and configuration extraction, while Claude was leveraged for producing vulnerability assessment scripts and tooling to operate offensive security frameworks.

Amazon researchers said that the attackers used AI-assisted Python scripts to parse, decrypt, and organize stolen configurations.

After obtaining VPN access to victim networks, the threat actor deployed custom reconnaissance tools written in Go and Python and leveraged widely available offensive utilities to escalate privileges. Using Meterpreter with the mimikatz module, the actor conducted DCSync attacks against domain controllers to extract NTLM password hashes from Active Directory. In at least one case, a Domain Administrator account was protected by a plaintext password that was either reused from firewall credentials or independently weak, the researchers note.

After domain compromise, the attacker attempted lateral movement via pass-the-hash and pass-the-ticket techniques, NTLM relay attacks, and remote command execution on Windows systems. The campaign has also targeted servers running Veeam Backup & Replication, deploying credential extraction tools and attempting to exploit known Veeam flaws.

The researchers have not observed any ransomware payload in this campaign; however, the activity points to a possible ransomware operation. The campaign appears opportunistic rather than sector-specific, relying on automated mass scanning for exposed devices.

AWS said that its own infrastructure was not involved in the activity. It also said that the threat actor is not believed to be associated with any known state-sponsored advanced persistent threat group.

The documentation found by the team mentions multiple CVEs across various targets, including CVE-2019-7192, CVE-2023-27532, and CVE-2024-40711, but the attackers appear to have largely failed in their exploitation attempts because the targeted devices were patched, the relevant ports were closed, or the OS versions in use were not affected by those specific flaws.
