Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
jramirez
New Contributor

Created on ‎06-06-2024 12:50 PM

Are Fortinet products affected by the New Fog ransomware?

ArticWolf hasn't release which two vendors are affected, so I was curious if Fortinet products are affected.  

http://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

 

Thanks, 

 

719
0 Kudos
1 REPLY 1
ozkanaltas
Valued Contributor III

Created on ‎06-06-2024 01:19 PM

Hello @jramirez ,

 

This ransomware affects Windows devices, not firewalls. One of the 2 vendors mentioned in the article may be Fortinet. Because what is meant there is that this ransomware spreads through comprimised VPN information. If your Fortigate is affected by SSL-VPN vulnerabilities, you will be likely to be affected by this ransomware attack.But of course, this does not mean that you will definitely be affected.

 

"In each of the cases investigated, forensic evidence indicated that threat actors were able to access victim environments by leveraging compromised VPN credentials. Notably, the remote access occurred through two separate VPN gateway vendors. The last documented threat activity in our cases occurred on May 23, 2024."

If you have found a solution, please like and accept it to make it easily accessible to others.
NSE 4-5-6-7 OT Sec - ENT FW
If you have found a solution, please like and accept it to make it easily accessible to others.NSE 4-5-6-7 OT Sec - ENT FW
708
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.