
Amazon: Russian-Speaking Hackers Compromised 600 Firewalls Using AI Tools

A recent investigation has revealed that a Russian-speaking group exploited commercial generative artificial intelligence tools to breach over 600 Fortinet FortiGate firewall devices spanning more than 55 countries earlier this year.

The operation, conducted from mid-January to mid-February, targeted weak security configurations instead of advanced technical flaws, as detailed in a report by Amazon’s threat-intelligence team released on Friday.

The attackers used a range of commercial AI services to create attack strategies, automate scripts, and oversee operations. This enabled what researchers deemed a “low-to-medium-skilled actor” to execute attacks at a scale typically observed only among more advanced groups.

“Commercial AI services can lower the technical barrier to entry for offensive cyber capabilities,” the report stated. Amazon did not disclose which specific AI tools were deployed during these attacks.

The attackers appeared to be motivated by financial gain and did not seem to have connections to any state-sponsored hacking entities. Their approach was opportunistic, seeking out vulnerable systems through automated mass scanning rather than focusing on particular industries. Compromised devices were identified in various regions, including South Asia, Latin America, the Caribbean, West Africa, Northern Europe, and Southeast Asia.

Amazon discovered extensive Russian-language documentation that outlined AI-generated attack plans, operational checklists, and bespoke code designed to streamline nearly every phase of the operation, from initial network scans to post-breach reporting.

The attacks specifically aimed at FortiGate firewalls, essential security appliances that assist organizations in managing network traffic and remote access. According to Amazon, the breaches did not exploit newly found vulnerabilities. Instead, attackers found devices with exposed administrative access and weak authentication practices.

Once inside, the attackers extracted complete device configurations, including passwords and network architecture details. They leveraged this information to move deeper into internal systems. In certain cases, they accessed organizations’ Active Directory environments and targeted backup systems, a step that researchers suggest may indicate intentions for future ransomware attacks.

Researchers also scrutinized custom tools that were recovered from the attackers’ infrastructure, which included scripts for credential extraction, VPN automation, and mass scanning. The code exhibited noticeable signs of AI-assisted generation: while it functioned well under expected conditions, it often faltered in atypical scenarios.

“The threat actor largely failed when attempting anything beyond straightforward automated attack paths,” the report noted, highlighting several instances where patched systems or basic defensive measures compelled the group to abandon their efforts. In some cases, the attacker’s own documentation acknowledged that certain targets were too well fortified for exploitation.

Amazon clarified that its own cloud infrastructure was not implicated in these attacks. Researchers cautioned that the frequency of such activities is expected to rise.

“Organizations should prepare for an increase in AI-augmented threat activities from both adept and less skilled adversaries,” they added.

Previous warnings from researchers have indicated that artificial intelligence is already transforming the landscape of cyberattacks.

In November, Google noted that state-sponsored hacking groups were experimenting with malware capable of utilizing large language models during execution, allowing the malicious code to adapt in real time and potentially evade detection. More recently, researchers reported that advanced actors affiliated with China, North Korea, and Iran were enhancing their operations, refining malware development, and gathering target intelligence using Google’s Gemini AI system.
