HomerapidshareFortinet VPN: Hackers exposed 500,000 customer passwords

Fortinet VPN: Hackers exposed 500,000 customer passwords

A hacking group claims to have stolen VPN passwords from customers of a well-known company. Specifically, hackers seem to have published about 500.000 login credentials, belonging to users of one popular VPN product from cybersecurity company Fortinet.

See also: Password attacks: You were hacked and you did not "get the hang of it"?

Fortinet VPN

The attackers who use the pseudonym "Orange", Leaked usernames and passwords into one Dark web forum on Tuesday, according to a report by Bleeping Computer. Publishing stolen data is a common tactic of cyber criminals. Many times, hackers sell data to make money. However, this hacking team seems to offer the passwords of Fortinet VPN users for free.

See also: Fortinet fixes serious vulnerabilities in FortiManager and FortiAnalyzer

It is believed that the accounts were breached through a vulnerability previously discovered in this product. In April, federal agencies warned of existence of various vulnerabilities in Fortinet VPN, which could allow hackers to access the systems. The company has since issued patches to fix these vulnerabilities, but it appears that multiple user accounts have been compromised.

According security company investigation Advanced Intel, the Orange team is considered a member of the ransomware gang “Groove“. Rumor has it that these hackers worked in the past and for Babuk ransomware, a dangerous ransomware gang that tried to blackmail Washington DC Police Department. to receive millions of dollars.

The Groove team recently launched a new forum, called RAMP, and researchers believe the gang may have leaked Fortinet VPN passwords to draw attention to its new business venture.

VPN passwords dark web

VPNs are designed to protect the confidential data and activity of users on the Internet. However, they can become a real nightmare if violated. In this case, accessing Fortinet VPN accounts would likely allow cybercriminals to infiltrate networks, steal data and other. According to the criminals who leaked the VPN passwords, many of these credentials are still valid.

See also: DoubleVPN: Authorities shut down the VPN service used by criminals

The credentials appear to be connected to 498.908 users and over 12.856 devices, from 74 different countries. Most Fortinet VPN passwords come from India. Follow the ItalyThe France and Ισραήλ.

Source: Gizmodo 

Digital fortresshttps://www.secnews.gr
Pursue Your Dreams & Live!