How One Amateur Hacker Used AI to Breach 600+ Firewalls Across 55 Countries — Without a Single Exploit
AI-powered credential attacks breached 600+ firewalls across 55 countries without exploits. Learn how weak defaults became a critical security blind spot.
600 Firewalls, 55 Countries, Zero Exploits
Between January 11 and February 18, 2026, a single operator — assessed as having low-to-medium technical skills — compromised over 600 FortiGate firewall devices across 55 countries. The attacker scanned 2,516 devices across 106 countries during the five-week campaign.
The uncomfortable fact: not a single vulnerability was exploited. No CVEs. No zero-days. Every compromise came through default or weak credentials on management interfaces exposed directly to the internet.
Put simply: the firewalls were not broken. They were left unlocked.
Why This Matters Beyond Cybersecurity Headlines
Fortinet has disclosed over 200 CVEs since 2019, including critical ones like CVE-2024-55591 and CVE-2024-47575. Security teams spend significant budgets patching these vulnerabilities. Yet this attacker needed none of them.
The real attack surface was far more mundane: admin panels with single-factor authentication, internet-facing management ports, and passwords that were either default or trivially weak. This is the equivalent of installing a bank vault door and leaving the key taped to the frame.
What makes this case significant for any business running network infrastructure is the operator's profile. According to Amazon's threat intelligence team, this was "a financially motivated individual or small group" — not a state-sponsored APT team. Amazon explicitly stated they do not believe the threat actor works for the Russian government, though forensic analysis identified the individual as Russian-speaking.
The attack demonstrated something the security industry has warned about but rarely seen at this scale: AI tools allowed a single unskilled operator to achieve "an operational scale that would have previously required a significantly larger and more skilled team," as Cybersecurity Dive reported.
How CyberStrikeAI Actually Worked
The attacker built what AWS described as "AI-augmented attack infrastructure" — a layered pipeline where each tool had a specific role. Here is how the components fit together.
The AI Layer
The operator used multiple commercial generative AI tools, including DeepSeek and Claude Code (an agentic AI platform), to compensate for skill gaps. AI was used across every attack phase: tool development, attack planning, command generation, and processing results. The AI did not discover vulnerabilities — it automated the tedious work of scanning, testing credentials, and planning next steps.
Think of it as a GPS for hacking. The driver still has to steer, but the GPS eliminates the need to memorize the map.
Custom Tooling
Two custom tools stood out in the forensic analysis, as The Hacker News detailed:
- ARXON — A Model Context Protocol (MCP) server that processed scan results, invoked DeepSeek to generate attack plans, and modified victim infrastructure. This was the "brain" connecting AI outputs to real actions.
- CHECKER2 — A Go-based orchestrator that ran parallel VPN scanning and target processing. This was the "muscle" handling scale.
The Attack Chain
The post-exploitation playbook followed a textbook progression:
- Credential testing against internet-exposed FortiGate management interfaces
- Meterpreter deployment with Mimikatz for credential extraction
- DCSync attacks against domain controllers to extract NTLM password hashes
- Complete domain credential database extraction in confirmed cases
In at least one incident, the Domain Administrator account was protected by a plaintext password that was either reused from the compromised FortiGate configuration or was independently weak.
The Server That Told the Whole Story
The investigation centered on server 212.11.64.250, which hosted over 1,400 files — a treasure trove that exposed the entire operation. According to The Hacker News, the server contained:
- CVE exploit code
- FortiGate configuration files from victims
- Nuclei scanning templates
- Veeam credential extraction tools
- BloodHound collection data for Active Directory mapping
The attacker stored detailed plans, credentials, and victim data unencrypted alongside attack tooling. This level of poor operational security is what allowed researchers to reconstruct the full campaign.
The 21 Server IOCs
For security teams running FortiGate infrastructure, here are the indicators of compromise associated with this campaign. Check firewall logs and SIEM data for connections to or from these addresses:
| # | IOC (IP Address) | Role |
|---|---|---|
| 1 | 212.11.64.250 | Primary C2 / file server |
| 2–21 | Published in the full AWS/Amazon threat intelligence report | Scanning and staging infrastructure |
Honest take: the specific IOC list matters less than the detection methodology. If an external IP is authenticating to your FortiGate management interface and that interface is internet-facing, you already have a problem — regardless of whether that IP is on this list.
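As an added illustration of that detection methodology (example code written for this article, not from the AWS report or any Fortinet tool), the script below parses FortiGate event-log lines for administrator logins and raises an alert when a login arrives from outside an assumed trusted management range, or succeeds after failed attempts from the same source and user. The log lines, user names, addresses and the 10.0.0.0/24 management network are constructed assumptions; `review_admin_logins` and `parse_fgt` are names chosen here.

```python
import re
from collections import defaultdict
from ipaddress import ip_address, ip_network

# Constructed FortiGate event-log lines (not from a real device); user names and addresses are illustrative.
SAMPLE_LOGS = [
    'date=2026-01-12 time=02:14:07 type="event" subtype="system" logdesc="Admin login failed" '
    'user="admin" ui="https(198.51.100.7)" srcip=198.51.100.7 action="login" status="failed" reason="passwd_invalid"',
    'date=2026-01-12 time=02:14:09 type="event" subtype="system" logdesc="Admin login failed" '
    'user="admin" ui="https(198.51.100.7)" srcip=198.51.100.7 action="login" status="failed" reason="passwd_invalid"',
    'date=2026-01-12 time=02:14:11 type="event" subtype="system" logdesc="Admin login successful" '
    'user="admin" ui="https(198.51.100.7)" srcip=198.51.100.7 action="login" status="success" reason="none"',
    'date=2026-01-12 time=09:30:00 type="event" subtype="system" logdesc="Admin login successful" '
    'user="ops" ui="ssh(10.0.0.25)" srcip=10.0.0.25 action="login" status="success" reason="none"',
]
TRUSTED_MGMT = [ip_network("10.0.0.0/24")]  # assumed out-of-band management network

def parse_fgt(line: str) -> dict:
    # FortiGate logs are key=value pairs; values are optionally double-quoted.
    return {k: v.strip('"') for k, v in re.findall(r'(\w+)=("[^"]*"|\S+)', line)}

def review_admin_logins(lines: list[str], trusted=TRUSTED_MGMT) -> list[str]:
    """Flag admin logins from untrusted sources, and successes preceded by failed attempts."""
    alerts, failures = [], defaultdict(int)  # failed attempts keyed by (srcip, user)
    for ev in map(parse_fgt, lines):
        if ev.get("action") != "login":
            continue
        src, user = ev.get("srcip", ""), ev.get("user", "")
        if ev.get("status") == "failed":
            failures[(src, user)] += 1
            continue
        where = f"{user} from {src} at {ev.get('date')} {ev.get('time')}"
        if not src or not any(ip_address(src) in net for net in trusted):
            alerts.append(f"login outside trusted management range: {where}")
        if failures[(src, user)]:
            alerts.append(f"success after {failures[(src, user)]} failed attempts: {where}")
    return alerts
```

The second rule is the one that matters for this campaign: a success that follows failures from the same address is the signature of guessed credentials, whatever the source IP.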
What This Means for Your Project
The activities observed — stealing password databases, compromising domain controllers, targeting backup systems — are consistent with ransomware staging. As Industrial Cyber reported, this pattern is especially dangerous for organizations with operational technology (OT) networks behind their FortiGate perimeters.
The campaign also revealed a telling pattern: the attacker showed repeated failures against hardened targets and abandoned efforts when automated techniques failed. This is not a sophisticated adversary. This is someone running a script that works only against the lowest-hanging fruit.
Hardening That Actually Stops This Attack
Here is what we recommend, based on what actually would have prevented every compromise in this campaign:
1. Remove Management Interfaces from the Internet
This is non-negotiable. FortiGate admin panels should never be internet-facing. Use VPN or out-of-band management access. Every device in this campaign was compromised through an interface that should not have been reachable.
2. Enforce Multi-Factor Authentication
Single-factor authentication on a firewall management interface is the security equivalent of a screen door on a submarine. MFA would have stopped this entire campaign cold.
3. Replace Default and Weak Credentials
Audit every FortiGate device for default credentials. Enforce password policies with minimum complexity requirements. The fact that default passwords still work on production firewalls in 2026 should alarm every CTO reading this.
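An added example of auditing the first three recommendations against a FortiGate configuration backup (example code written for this article, not Fortinet's tooling): it parses the backup's config/edit/set structure and flags management services on a WAN-role interface, administrators with no trusthost restriction or no two-factor setting, and a disabled password policy. The sample excerpt, interface and admin names are constructed; `allowaccess`, `role`, `trusthost1`, `two-factor` and `password-policy` are real FortiOS settings, while `parse_config` and `audit` are names chosen here.

```python
# Constructed FortiGate config backup excerpt (not a real victim file); interface and admin names are illustrative.
SAMPLE_CONFIG = """\
config system interface
    edit "wan1"
        set allowaccess ping https ssh
        set role wan
    next
end
config system admin
    edit "admin"
    next
    edit "ops"
        set trusthost1 10.0.0.0 255.255.255.0
        set two-factor fortitoken
    next
end
config system password-policy
    set status disable
end
"""
MGMT = {"https", "http", "ssh", "telnet", "snmp"}  # allowaccess services that expose an admin login

def parse_config(text: str) -> dict:
    # Returns {section: {entry: {key: [values]}}}, section-level 'set' lines under entry ""; assumes flat sections.
    tree, section, entry = {}, None, ""
    for p in (line.split() for line in text.splitlines() if line.strip()):
        if p[0] == "config":
            section, entry = tree.setdefault(" ".join(p[1:]), {}), ""
        elif p[0] == "edit":
            entry = p[1].strip('"')
            section.setdefault(entry, {})
        elif p[0] == "set":
            section.setdefault(entry, {})[p[1]] = [v.strip('"') for v in p[2:]]
        elif p[0] in ("next", "end"):  # 'next' closes the entry, 'end' closes the section
            entry, section = "", (section if p[0] == "next" else None)
    return tree

def audit(tree: dict) -> list[str]:
    findings = []
    for name, iface in tree.get("system interface", {}).items():
        if iface.get("role") == ["wan"] and MGMT & set(iface.get("allowaccess", [])):
            findings.append(f"interface {name}: management services reachable from the internet")
    for name, adm in tree.get("system admin", {}).items():
        if not any(k.startswith("trusthost") for k in adm):
            findings.append(f"admin {name}: no trusthost restriction")
        if adm.get("two-factor", ["disable"]) == ["disable"]:
            findings.append(f"admin {name}: two-factor disabled")
    if tree.get("system password-policy", {}).get("", {}).get("status") != ["enable"]:
        findings.append("password-policy: not enabled")
    return findings
```

A default or reused password cannot be read from the backup (the hash is stored), so credential audits still need a login test against each device; this script catches the configuration mistakes around it.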
4. Isolate Backup Infrastructure
The attacker specifically targeted Veeam backup systems. Backup infrastructure should be segmented from the production network and require separate credentials.
5. Monitor for DCSync and Credential Extraction
If someone runs Mimikatz or performs a DCSync attack on your domain controller, your SIEM should light up. These are well-known attack patterns with mature detection signatures.
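For the DCSync half of this recommendation, an added example (written for this article, not a vendor signature) of the SIEM logic: it parses Security event 4662 records and flags any replication-rights request from an account outside the expected set of domain-controller machine accounts and directory-sync service accounts. The event lines, host and user names are constructed; the three replication GUIDs are the real Active Directory control-access rights a DCSync requests, and `detect_dcsync`, `parse_event` and `allowed_accounts` are names chosen here.

```python
import re

# Replication control-access rights a DCSync requests (well-known Active Directory schema GUIDs).
REPL_RIGHTS = {
    "1131f6aa-9c07-11d1-f79f-00c04fc2dcd2": "DS-Replication-Get-Changes",
    "1131f6ad-9c07-11d1-f79f-00c04fc2dcd2": "DS-Replication-Get-Changes-All",
    "89e95b76-444d-4c62-991a-0facbeda640c": "DS-Replication-Get-Changes-In-Filtered-Set",
}

# Constructed key=value renderings of Security event 4662 (not real logs); hosts and users are illustrative.
SAMPLE_EVENTS = [
    "EventID=4662 Computer=dc01.corp.example SubjectUserName=DC02$ AccessMask=0x100 "
    "Properties=%%7688 {1131f6aa-9c07-11d1-f79f-00c04fc2dcd2} {1131f6ad-9c07-11d1-f79f-00c04fc2dcd2}",
    "EventID=4662 Computer=dc01.corp.example SubjectUserName=jsmith AccessMask=0x100 "
    "Properties=%%7688 {1131f6aa-9c07-11d1-f79f-00c04fc2dcd2} {1131f6ad-9c07-11d1-f79f-00c04fc2dcd2}",
    "EventID=4662 Computer=dc01.corp.example SubjectUserName=jsmith AccessMask=0x20 "
    "Properties=%%7688 {bf967aba-0de6-11d0-a285-00aa003049e2}",
    "EventID=4624 Computer=dc01.corp.example SubjectUserName=jsmith LogonType=3",
]

def parse_event(line: str) -> dict:
    # key=value pairs; a value runs until the next ' key=' token, so Properties may contain spaces.
    return dict(re.findall(r"(\w+)=(.*?)(?=\s\w+=|$)", line))

def detect_dcsync(lines: list[str], allowed_accounts: set[str]) -> list[dict]:
    """Flag 4662 events that request replication rights from accounts outside the expected set
    (domain-controller machine accounts and known directory-sync service accounts)."""
    allowed = {a.upper() for a in allowed_accounts}
    hits = []
    for ev in map(parse_event, lines):
        if ev.get("EventID") != "4662":
            continue
        props = ev.get("Properties", "").lower()
        rights = [name for guid, name in REPL_RIGHTS.items() if guid in props]
        user = ev.get("SubjectUserName", "")
        if rights and user.upper() not in allowed:
            hits.append({"user": user, "computer": ev.get("Computer"), "rights": rights})
    return hits
```

Auditing of the replication rights must be enabled on the domain controllers for 4662 to be written at all, so check that the events exist before trusting silence from this rule.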
The AI Question: Should Businesses Panic?
Real numbers: the attacker scanned 2,516 devices but compromised roughly 600. That is a 24% success rate — meaning 76% of scanned devices were configured well enough to resist an automated credential attack. Basic security hygiene works.
AI did not make this attack possible. Weak passwords and exposed management interfaces made it possible. AI made it scalable — one person doing the work of a team. That distinction matters.
The concern is not that AI creates new attack vectors. The concern is that AI lowers the skill floor. Attacks that once required specialized knowledge can now be orchestrated by someone who knows how to prompt an AI tool. The barrier moved from "can you write exploit code" to "can you describe what you want to accomplish."
Key Takeaway for Business
Three conclusions from this campaign:
First, the most expensive firewall in the world is worthless if the admin password is "admin123" and the management port faces the internet. Security budgets should prioritize configuration hygiene before buying more tools.
Second, AI-assisted attacks are here, but they amplify existing weaknesses — they do not create new ones. Every device compromised in this campaign could have been protected with configurations that cost nothing to implement.
Third, this was a low-skill, financially motivated individual. State-sponsored teams with AI assistance and actual zero-day exploits represent a different threat entirely. If your infrastructure cannot withstand this level of attack, it certainly cannot withstand what is coming next.
The five-week window of this campaign — January 11 to February 18, 2026 — is a reminder that speed matters. Automated scanning at scale means vulnerable devices get found fast. The window between "exposed" and "compromised" is shrinking from months to days.
Audit your FortiGate management interfaces today. Not next quarter. Today.
This article is based on publicly available sources and may contain inaccuracies.