GenAI Turns Amateur Into a Global-Scale Threat Actor
A Russian-speaking, financially motivated threat actor used multiple commercial generative AI tools to compromise over 600 FortiGate firewall devices across more than 55 countries in just five weeks, according to threat intelligence published by Amazon Web Services on February 25, 2026. The campaign ran from January 11 to February 18, 2026, and is the most detailed documented example to date of AI enabling a low-sophistication actor to operate at enterprise scale.
Critically, the attacker never exploited a software vulnerability. The entire campaign succeeded by targeting exposed management ports and weak credentials — fundamental misconfigurations that AI helped systematically identify and exploit at a speed and scale previously beyond an unskilled operator.
| Attribute | Value |
|---|---|
| Threat Actor | Unnamed — Russian-speaking, financially motivated |
| Tools Used | Multiple commercial GenAI services |
| Campaign Window | January 11 – February 18, 2026 |
| Devices Compromised | 600+ FortiGate firewalls |
| Countries Affected | 55+ |
| Attack Vector | Exposed management ports + weak/single-factor credentials |
| CVEs Exploited | None — no software vulnerabilities used |
| Reported By | Amazon Web Services Threat Intelligence |
How AI Amplified a Low-Skill Actor
The campaign illustrates a concerning new threat model: commercial AI as a force multiplier for actors who would otherwise lack the technical capability to conduct large-scale infrastructure attacks.
Phase 1: AI-Assisted Scanning and Target Selection
The actor used AI tools to generate and optimize Python scripts that systematically scanned the internet for FortiGate management interfaces exposed on ports 443, 8443, 10443, and 4443. The AI-assisted tooling parsed scan results and ranked targets by likelihood of weak authentication — work that previously required significant operator skill.
Phase 2: AI-Assisted Credential Attack
With exposed interfaces identified, the actor used AI-generated tooling to attempt authentication using commonly reused credentials and single-factor authentication setups. The AI tools reportedly assisted with adapting attack sequences based on response patterns — behaving more like an experienced penetration tester than a script kiddie.
Phase 3: Post-Exploitation via AI-Generated Scripts
After gaining access, the actor used AI-assisted Python scripts to parse, decrypt, and organize stolen FortiGate configurations. Extracted data was used to conduct:
- Reconnaissance using Nuclei for vulnerability scanning
- Active Directory compromise on connected networks
- Credential harvesting from configurations and local storage
- Backup infrastructure access — consistent with ransomware pre-positioning
| Geographic Region | Concentration |
|---|---|
| South Asia | High |
| Latin America & Caribbean | High |
| West Africa | Moderate |
| Northern Europe | Moderate |
| Southeast Asia | Moderate |
| Total Countries | 55+ |
Recommendations
For FortiGate Operators (Immediate)
- Remove FortiGate management interfaces from public internet exposure — management access should only be available via VPN or a dedicated out-of-band management network
- Enforce MFA on all administrative accounts — single-factor authentication is not acceptable for firewall management
- Audit current FortiGate configurations for unauthorized admin accounts, modified ACLs, or unexpected scheduled tasks
- Rotate all administrative credentials on FortiGate devices immediately
- Check management port exposure: use Shodan or similar tools to verify that ports 443, 8443, 10443, and 4443 are not reachable from the public internet
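The configuration audit in the list above can be scripted against a FortiGate configuration backup. The following is an added example, not code from the page or from the AWS report; it assumes the `config system interface` / `config system admin` syntax of a FortiOS backup (`set allowaccess`, `set role`, `set two-factor`, `set trusthostN`) and runs over a constructed excerpt. It flags interfaces that expose HTTP/HTTPS/SSH/Telnet management on a WAN-role (or role-less) interface, and admin accounts that have no two-factor setting or no trusted-host restriction, the two misconfigurations the campaign relied on.

```python
import re
from typing import Dict, List

# Constructed FortiGate configuration excerpt (assumption: mirrors FortiOS
# backup syntax; this is sample data, not a configuration from the page).
SAMPLE_CONFIG = """\
config system interface
    edit "wan1"
        set vdom "root"
        set ip 203.0.113.10 255.255.255.0
        set allowaccess ping https ssh
        set role wan
    next
    edit "internal"
        set vdom "root"
        set ip 10.10.0.1 255.255.255.0
        set allowaccess ping https ssh
        set role lan
    next
end
config system admin
    edit "admin"
        set accprofile "super_admin"
        set vdom "root"
    next
    edit "netops"
        set accprofile "super_admin"
        set vdom "root"
        set two-factor fortitoken
        set trusthost1 10.10.0.0 255.255.255.0
    next
end
"""

# Services in 'set allowaccess' that constitute a management interface.
MGMT_SERVICES = {"http", "https", "ssh", "telnet"}


def parse_sections(text: str) -> Dict[str, Dict[str, Dict[str, List[str]]]]:
    """Return {section: {entry: {setting: values}}} for top-level config blocks.

    Nested 'config ... end' sub-blocks inside an entry are skipped; only the
    flat 'set' lines of each 'edit' entry are recorded.
    """
    sections: Dict[str, Dict[str, Dict[str, List[str]]]] = {}
    section = entry = None
    nested = 0
    for raw in text.splitlines():
        line = raw.strip()
        if nested:                              # inside a sub-block: skip it
            if line.startswith("config "):
                nested += 1
            elif line == "end":
                nested -= 1
            continue
        if line.startswith("config "):
            if section is not None:
                nested = 1
                continue
            section = line[len("config "):]
            sections[section] = {}
        elif line.startswith("edit ") and section is not None:
            entry = line[len("edit "):].strip('"')
            sections[section][entry] = {}
        elif line.startswith("set ") and entry is not None:
            parts = line[len("set "):].split()
            sections[section][entry][parts[0]] = [p.strip('"') for p in parts[1:]]
        elif line == "next":
            entry = None
        elif line == "end":
            section = None
    return sections


def audit_config(text: str) -> List[str]:
    """Return human-readable findings for exposed management and weak admin setup."""
    findings: List[str] = []
    cfg = parse_sections(text)
    for name, s in cfg.get("system interface", {}).items():
        exposed = MGMT_SERVICES & set(s.get("allowaccess", []))
        role = s.get("role", ["undefined"])[0]
        # A role-less interface may still be internet-facing, so treat it like WAN.
        if exposed and role in ("wan", "undefined"):
            findings.append(f"interface {name}: management services {sorted(exposed)} allowed on role '{role}'")
    for name, s in cfg.get("system admin", {}).items():
        if "two-factor" not in s:
            findings.append(f"admin {name}: no two-factor setting (single-factor login)")
        if not any(k.startswith("trusthost") for k in s):
            findings.append(f"admin {name}: no trusthost restriction (login allowed from any source)")
    return findings


if __name__ == "__main__":
    for finding in audit_config(SAMPLE_CONFIG):
        print(finding)
```

Run it against a real backup by replacing `SAMPLE_CONFIG` with the file contents; a clean result is one with no WAN-exposed management services and every admin carrying both a two-factor setting and at least one `trusthost` entry.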
For Security Teams
- Review SIEM logs for unusual authentication patterns on firewall management interfaces from January 11 onward
- Check for Nuclei scan activity in network logs as a post-compromise indicator
- Audit Active Directory for new accounts, privilege escalations, or Golden Ticket/Pass-the-Hash activity
- Verify backup infrastructure hasn't been accessed by unauthorized accounts — a pre-ransomware indicator
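The first item in the list above, reviewing authentication patterns on firewall management interfaces, can be expressed as a small detection that runs over FortiGate admin-login events. This is an added example, not code from the page or from the AWS report; it assumes the FortiOS key=value event-log layout with `action="login"` and `status="failed"`/`"success"` fields, and the log lines below are constructed sample data. It raises three kinds of alert: a burst of failed logins from one source inside a time window, a successful login from a source that failed shortly before (the signature of a credential attack that worked), and a successful login from a source outside an allow-list of management hosts.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta
from typing import Deque, Dict, FrozenSet, List

# Constructed FortiGate event-log lines (assumption: FortiOS key=value layout
# and the admin-login logids 0100032001/0100032002; not lines from the page).
_FAIL = ('date=2026-01-12 time=03:14:{sec:02d} devname="FGT-EDGE" logid="0100032002" type="event" '
         'subtype="system" level="alert" logdesc="Admin login failed" user="admin" '
         'ui="https(198.51.100.7)" srcip=198.51.100.7 action="login" status="failed" reason="passwd_invalid"')
SAMPLE_LOGS = [_FAIL.format(sec=s) for s in (1, 9, 17, 25, 33, 41)] + [
    'date=2026-01-12 time=03:15:02 devname="FGT-EDGE" logid="0100032001" type="event" subtype="system" '
    'level="information" logdesc="Admin login successful" user="admin" ui="https(198.51.100.7)" '
    'srcip=198.51.100.7 action="login" status="success"',
    'date=2026-01-12 time=08:30:11 devname="FGT-EDGE" logid="0100032001" type="event" subtype="system" '
    'level="information" logdesc="Admin login successful" user="netops" ui="https(10.10.0.5)" '
    'srcip=10.10.0.5 action="login" status="success"',
    'date=2026-01-12 time=11:02:45 devname="FGT-EDGE" logid="0100032002" type="event" subtype="system" '
    'level="alert" logdesc="Admin login failed" user="admin" ui="ssh(192.0.2.33)" '
    'srcip=192.0.2.33 action="login" status="failed" reason="passwd_invalid"',
]

# Hosts from which administrative logins are expected (constructed allow-list).
TRUSTED_MGMT_SOURCES: FrozenSet[str] = frozenset({"10.10.0.5"})

KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')


def parse_fortigate_line(line: str) -> Dict[str, str]:
    """Split a key=value log line into a dict, stripping surrounding quotes."""
    return {k: v.strip('"') for k, v in KV_RE.findall(line)}


def event_time(ev: Dict[str, str]) -> datetime:
    return datetime.strptime(f"{ev['date']} {ev['time']}", "%Y-%m-%d %H:%M:%S")


def detect_admin_login_abuse(lines: List[str], fail_threshold: int = 5,
                             window: timedelta = timedelta(minutes=10),
                             trusted_sources: FrozenSet[str] = frozenset()) -> List[Dict[str, str]]:
    """Return alerts for suspicious admin-login activity on the management interface."""
    events = sorted((parse_fortigate_line(l) for l in lines), key=event_time)
    failures: Dict[str, Deque[datetime]] = defaultdict(deque)   # recent failure times per source
    burst_reported = set()
    alerts: List[Dict[str, str]] = []
    for ev in events:
        if ev.get("type") != "event" or ev.get("action") != "login":
            continue
        src, when = ev.get("srcip", "?"), event_time(ev)
        recent = failures[src]
        while recent and when - recent[0] > window:   # drop failures outside the window
            recent.popleft()
        base = {"srcip": src, "user": ev.get("user", "?"), "time": when.isoformat()}
        if ev.get("status") == "failed":
            recent.append(when)
            if len(recent) >= fail_threshold and src not in burst_reported:
                burst_reported.add(src)
                alerts.append({"rule": "failed-login burst", **base})
        elif ev.get("status") == "success":
            if recent:
                alerts.append({"rule": "success after recent failures", **base})
            if src not in trusted_sources:
                alerts.append({"rule": "success from untrusted source", **base})
    return alerts


if __name__ == "__main__":
    for alert in detect_admin_login_abuse(SAMPLE_LOGS, trusted_sources=TRUSTED_MGMT_SOURCES):
        print(alert)
```

In a SIEM the same three rules map directly onto saved searches over the firewall's event logs; the "success after recent failures" rule is the one to prioritise when reviewing the period from January 11 onward, because a burst alone may be background noise while a success that follows it is a compromised account.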
Key Takeaways
- Commercial GenAI has eliminated the skill floor for large-scale infrastructure attacks — 600 devices in 55 countries is no longer out of reach for an amateur with AI tools.
- No vulnerabilities were exploited — this entire campaign succeeded against misconfigured, internet-exposed devices with weak credentials.
- Exposed management interfaces remain one of the most dangerous misconfigurations in enterprise environments.
- AI-assisted Python tooling was used throughout every phase: scanning, attacking, and post-exploitation data processing.
- Post-exploitation patterns align with ransomware pre-positioning — the 600 compromised devices may represent future ransomware targets.
- This campaign is expected to be a template — similar AI-amplified campaigns against other appliance categories should be anticipated.
Sources
- Amazon Web Services: AI-augmented threat actor accesses FortiGate devices at scale
- The Hacker News: AI-Assisted Threat Actor Compromises 600+ FortiGate Devices in 55 Countries
- BleepingComputer: Amazon — AI-assisted hacker breached 600 Fortinet firewalls in 5 weeks
- Dark Reading: 600+ FortiGate Devices Hacked by AI-Armed Amateur
- Cybersecurity Dive: AI helps novice threat actor compromise FortiGate devices in dozens of countries