Skip to content
TechCrunch·

🔒Over 73K Fortinet Devices Hacked by Password Lists

Hackers are using password lists to breach thousands of firewalls

TL;DR

Cybercriminals have compromised tens of thousands of Fortinet devices by scanning for exposed passwords. This campaign, dubbed FortiBleed, affects major companies and industries worldwide.

Fortinet firewalls and VPNs are under attack from hackers using lists of leaked credentials to breach over 73,000 devices. This campaign, known as FortiBleed, doesn't rely on zero-day exploits but rather on weak password hygiene. Companies like Accenture, Comcast, and Samsung have been affected, with India, the US, Taiwan, and Mexico seeing the most compromised systems. The real kicker? These hackers are feeding newly collected passwords back into their scans to find even more vulnerable devices.

Over 73K Fortinet Devices Hacked by Password Lists — TechCrunch

Key Points

1

Over 73,000 unique Fortinet URLs have been compromised by hackers using leaked credentials.

2

FortiBleed affects major companies including Accenture, Comcast, Lenovo, Oracle, and Samsung.

3

India, the US, Taiwan, and Mexico are among the countries with the most affected devices.

4

Industries like IT services, construction materials, telecommunications, and government agencies are heavily impacted.

5

The campaign is being fed by newly collected passwords, allowing hackers to compromise more devices.

Why It Matters

If you manage Fortinet firewalls or VPNs exposed on the internet, your credentials could be compromised. Companies like Accenture and Comcast have been affected, highlighting a critical need for better password management practices.

FortiBleedpassword securityfirewallsVPN

Frequently Asked Questions

Why does this matter?

If you manage Fortinet firewalls or VPNs exposed on the internet, your credentials could be compromised. Companies like Accenture and Comcast have been affected, highlighting a critical need for better password management practices.

What happened?

Cybercriminals have compromised tens of thousands of Fortinet devices by scanning for exposed passwords. This campaign, dubbed FortiBleed, affects major companies and industries worldwide.

Comments

Subscribe to join the conversation...

Be the first to comment

Enjoyed this article?

Get it daily. 7am. Free. Reads in 5 minutes.

Join 2,110 builders reading daily.