Configuration data for 15,000 compromised fortinet firewalls leaked on darkweb
- danielweis
- Jan 28
- 1 min read
ICYMI last week, the belsen hacking group leaked configuration data (including plaintext creds) for 15,000 fortigate firewalls on the darkweb for free, that they had exploited using CVE-2022-40684 and CVE-2024-55591. 8,000 are still online according to censys, a writeup is here: https://www.cloudsek.com/blog/15k-fortigate-firewall-configs-leaked-by-belsen-group-dumped-using-zero-day-in-2022
If you want to check if you IP is affected, there is a pastebin here:
#hacking #darkweb #fotinet #exploit #exploitation #cyberattack #databreach #threatactors #danweis #nexon #hackproofyourself #boardroomcyber
Comments