Tech & Gadgets

Update now: Fortinet Windows VPN has been hacked to steal user data


  • Researchers see a Chinese threat actor stealing Fortinet VPN credentials
  • Thefts committed using a vulnerability discovered in 2023
  • The bug has yet to be addressed or even assigned a CVE

Cybersecurity researchers have revealed that Fortinet’s Windows VPN client has been vulnerable to a flaw that allows threat actors to steal user data for months – and Chinese hackers have now reportedly started exploiting the bug and stealing the data.

Experts from Volexity have published an in-depth report on a piece of malware called DeepData. This malware was used by a Chinese threat actor known as BrazenBamboo to steal login credentials and VPN server information from Fortinet VPNs.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button