Generative AI boosted a large-scale attack: 600 FortiGate devices compromised in 55 countries


Amazon Threat Intelligence researchers have documented a campaign that shows starkly how combining traditional techniques with commercial generative AI services can amplify the operational capacity of actors with limited skills. According to the report published by AWS, between 11 January and 18 February 2026 more than 600 FortiGate devices were found compromised in 55 countries, in an operation that relied not on zero-day vulnerabilities but on a far more prosaic recipe: exposed management interfaces and weak credentials protected only by single-factor authentication. Amazon explains how AI served as a force multiplier for a small group with limited technical capabilities.

What stands out is not the adversary's classic technical sophistication but the architecture of the attack: a set of commercial AI tools used at different stages of the campaign, from writing code and planning moves to generating commands, allowed this actor to "scale" without a large team or years of experience. Amazon's own analysis found public artifacts associated with the operation, including AI-generated attack plans, victim configurations and custom tool source code. This exposed infrastructure amounted to a kind of automated assembly line in which the AI supplied the intellectual muscle and the attacker supplied the economic motive.


The modus operandi was systematic: mass scanning of FortiGate management ports reachable from the Internet, such as 443, 8443, 10443 and 4443, followed by login attempts with common or reused credentials. According to the collected records, the scanning traffic originated from publicly identified and potentially malicious addresses, which allowed the campaign to be mapped and its scope established. Once inside a FortiGate device, the attacker could extract the equipment's full configuration, including sensitive information such as credentials, network topology and administrative parameters, data that then facilitate internal movement and deeper compromises.

Amazon also documents that the actor did not stop at the perimeter: after reaching internal networks through VPN and compromised FortiGate devices, the attacker deployed reconnaissance tools, with versions in Go and Python, which according to code analysis show signs of AI assistance. The code contained redundant comments that merely restated function names, simple architectures more concerned with format than with efficiency, and JSON parsers built by string matching rather than robust deserialization: typical traits of code generated or assisted by language models.
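The last trait the researchers mention, parsing JSON by matching strings instead of deserializing it, is worth seeing concretely, because it is both a fingerprint analysts can look for and a reason such tooling breaks on slightly unusual input. The following is an added example (not code from the report or from the attacker's tools; the sample documents are constructed) that contrasts a regex-based field extractor with `json.loads` on two inputs the naive approach mishandles: an escaped quote inside a value and a nested object that happens to reuse the key name.

```python
"""Why string-matching 'JSON parsing' is fragile: regex extraction versus real
deserialization. Added example; the documents below are constructed."""
import json
import re

# Constructed sample 1: a value containing escaped quotes.
DOC_ESCAPED = '{"host": "web-01", "note": "alias \\"db\\" host", "up": true}'

# Constructed sample 2: a nested object that reuses the "host" key before the
# top-level one appears.
DOC_NESTED = '{"ports": {"host": "ignored"}, "host": "web-01"}'


def extract_by_matching(doc, key):
    """Fragile approach: return the first quoted string that follows "<key>":.
    This is the string-matching style the report attributes to the tooling."""
    m = re.search(r'"%s"\s*:\s*"([^"]*)"' % re.escape(key), doc)
    return m.group(1) if m else None


def extract_by_deserializing(doc, key):
    """Robust approach: parse the whole document, then index the top-level key.
    Malformed input raises json.JSONDecodeError instead of yielding garbage."""
    return json.loads(doc).get(key)


def compare(doc, key):
    """Return (matching_result, deserialized_result) side by side."""
    return extract_by_matching(doc, key), extract_by_deserializing(doc, key)


if __name__ == "__main__":
    # Escaped quote: the regex stops at the first '"' it sees and truncates.
    print(compare(DOC_ESCAPED, "note"))    # ('alias \\', 'alias "db" host')
    # Nested key: the regex grabs the inner object's value, not the top level.
    print(compare(DOC_NESTED, "host"))     # ('ignored', 'web-01')
```

The regex version returns `alias \` for the note field (it cannot see that the quote is escaped) and `ignored` for the host (it has no notion of nesting), while deserialization returns the correct values in both cases. For an analyst, spotting this kind of extractor in a sample, alongside the restated-name comments the report describes, is one of the cheap signals that the code was produced with a language model rather than by an experienced developer.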

The practical consequences were serious in several cases. The attackers completed post-exploitation phases that included reconnaissance with tools such as Nuclei, Active Directory compromises and mass credential dumping, including attempts to run DCSync attacks to replicate the domain controller database, manoeuvres that prepare the ground for extortion or ransomware deployment. Organizations from different sectors, located in regions as varied as South Asia, Latin America, the Caribbean, West Africa and Northern Europe, were hit by clusters of compromised devices.

The lateral movement techniques the researchers describe do not reinvent the attackers' playbook: pass-the-hash and pass-the-ticket, NTLM relay and remote command execution on Windows hosts. There was also a specific interest in backup servers: according to the report, the attackers tried to target Veeam Backup & Replication servers by attempting to exploit the known flaws CVE-2023-27532 and CVE-2024-40711, which fits a classic pattern preceding ransomware deployment.

A revealing point of the study is the attacker's pragmatism: when they ran into harder defenses, such as patched systems, closed ports or non-exploitable vectors, they preferred to abandon that victim and look for weaker targets. This behaviour shows that the AI is not doing magic; what it does achieve is to turn tasks that previously required expertise into automated, repeatable processes, greatly expanding the number of "easy wins" a small group can obtain. In the words of CJ Moses, CISO of Amazon Integrated Security, the operation appears to be the work of financially motivated individuals who, thanks to AI, reached an operational scale that would previously have required a much larger and more experienced team.

These conclusions fit with broader warnings about the use of generative models by cybercriminals. Major security agencies and companies have noted that AI lowers the entry barrier for less skilled actors, allowing them to orchestrate attacks faster and at greater volume. Reports from organisations such as Microsoft and European cybersecurity agencies have documented similar trends: AI accelerates and simplifies many phases of the attack cycle without introducing radically new techniques. For broader technical and strategic context on AI-related threats, institutional reports such as the Microsoft Digital Defense Report and the publications of the European Union Agency for Cybersecurity (ENISA) are recommended reading.

The defensive lesson the researchers draw is at once classic and urgent: the first line of resistance remains basic security hygiene. This means, for example, not exposing administration interfaces to the Internet, replacing default or common credentials, enabling multi-factor authentication for administrative and VPN access, and auditing accounts and administrative sessions for unauthorized activity. It is also crucial to isolate backup servers from the rest of the network and to maintain a rigorous patching policy. Amazon insists that the fundamental measures, patch management, credential hygiene, network segmentation and detection capabilities for post-exploitation indicators, remain the most effective defenses against AI-amplified campaigns.

For security teams that want to go deeper, Amazon's report includes useful technical details and observable evidence, including the trail of certain hosts associated with the scans, which can be consulted publicly. In addition, specialized resources explain specific techniques used by the attackers, such as DCSync attacks against Active Directory, which Semperis describes in detail, and vulnerability databases allow patches and mitigations for specific flaws to be verified.


The moral of the story is clear: the arrival of generative models in the criminal tool ecosystem does not instantly transform the landscape into something unrecognizable, but it does democratize and automate tasks that previously limited the activity of less sophisticated actors. In this context, keeping security fundamentals up to date and deploying robust preventive and detection controls remain the most reliable recipe for risk reduction. It is not enough to rely on the obscurity of the network: perimeter devices must be treated as the front door of a house, one that must be carefully locked and monitored.

If you manage infrastructure with FortiGate or other edge devices, check the manufacturer's official hardening and best-practice guidelines, consider continuous monitoring of your public interfaces, and prepare response procedures that include configuration integrity checks and credential rotation. The threat is not only technical: it is a wake-up call for organizations of all sizes about why operational discipline in cybersecurity cannot be a secondary task.

Recommended sources and readings: the Amazon Threat Intelligence report documenting the campaign is publicly available; the Veeam CVEs are listed in the NVD database as CVE-2023-27532 and CVE-2024-40711; the technical explanation of DCSync appears in the Semperis analysis; and, for context on the evolution of AI-assisted threats, see the Microsoft Digital Defense Report and ENISA's policy and risk documents. To check observable indicators, some IPs and artifacts have been publicly reported on platforms such as VirusTotal.
