A threat actor exploited a Fortinet vulnerability and has exfiltrated and leaked a list of almost 500,000 Fortinet VPN login names and passwords that were allegedly scraped from exploitable devices.
These VPN credentials could allow threat actors to access a network to perform data exfiltration, install malware, and perform ransomware attacks.
The list of Fortinet credentials was leaked for free by a threat actor known as 'Orange,' who is the administrator of the newly launched RAMP hacking forum.
The exploited Fortinet vulnerability was soon patched, but many VPN credentials were still valid.
"id": "FOR223227123",
"linkid": "fortinet",
"type": "Vulnerability",
"date": "09/2021",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"