A significant breach involving Fortinet firewalls has been reported, giving Russian-speaking attackers access to major organizations, including Oracle and Chevron. The breach compromised nearly 74,000 Fortinet devices across 194 countries and exposed plaintext credentials. The attackers used advanced cracking techniques, deploying a 45-GPU cluster to crack intercepted SSL VPN authentication hashes.
Their aggressive methods resulted in full network compromises for several organizations, including a Turkish NATO contractor, leading to the exfiltration of classified documents. Key sectors affected span IT services, telecommunications, and construction. Researchers have urged Fortinet users to investigate their networks urgently.