Attackers Crafted Custom Malware for Fortinet Zero-Day


Level 26
Thread author
Top Poster
Aug 17, 2017
Researchers analyzing data associated with a recently disclosed zero-day vulnerability in Fortinet's FortiOS SSL-VPN technology have identified a sophisticated new backdoor specifically designed to run on Fortinet's FortiGate firewalls. The malware appears to be the work of a China-based threat actor engaged in cyber-espionage operations targeting government organizations and those working with these organizations. It is the latest example of adversaries from the country targeting firewalls, IPS, IDS, and other Internet-facing technologies that enterprises use for securing their networks, Mandiant said in a report this week. Researchers from the company came across the malware in a public repository in December and were able to tie it to the Fortinet zero-day bug (CVE-2022-42475) based on information that Fortinet released in its initial vulnerability disclosure.


Level 19
Top Poster
Jan 21, 2018
More reading on this -
