Hackers exploit Fortinet bugs to deploy ransomware

techcrunch.com — March 17, 2025 at 05:01 PM UTC

Hackers linked to the LockBit gang are exploiting two vulnerabilities in Fortinet firewalls to deploy ransomware called "SuperBlack." Security researchers from Forescout reported that the group, named Mora_001, has been active since December 2024. Fortinet released patches for these vulnerabilities in January. However, Mora_001 is still targeting companies that have not updated their systems. The attacks involve encrypting sensitive data after it has been stolen. Forescout noted that Mora_001 shows operational ties to LockBit, suggesting a possible connection or shared methods. The ransom notes used in these attacks resemble those from other ransomware groups.

With a significance score of 3.5, this news ranks in the top 14% of today's 18126 analyzed articles.

Get summaries of news with significance over 5.5 (usually ~10 stories per week). Read by 9000 minimalists.

Hackers exploit Fortinet bugs to deploy ransomware

More on this topic:

More on this topic: