Skip to main content
    Hackers Turning Security Device Access into Ransomware Profits
    Action Needed
    Breaking
    2 min read

    Hackers Turning Security Device Access into Ransomware Profits

    After breaking into thousands of business security systems, attackers are now selling that access to ransomware gangs who lock files and demand money.

    Source

    Dark Reading

    Original headline: FortiBleed Actors Collaborating With Inc, Lynx Ransomware Gangs

    Plain-English summary by GetCyberRight. Read the full report at the source above.

    Published Thursday, July 2, 2026Updated Friday, July 3, 20262 min read
    Share:

    Hackers have successfully broken into thousands of Fortinet firewalls, which are devices businesses use to protect their computer networks. After establishing this access, the attackers are now monetizing it by working with ransomware operations. They are also exploiting a security flaw in Nextcloud, which is cloud storage software some organizations use.

    This means cybercriminals have multiple ways to break into business systems, and they are actively using these methods to make money through ransomware attacks. This situation mainly affects businesses, educational institutions, and organizations rather than individual home users. However, it can still impact your daily life. If your employer, your child's school, your doctor's office, or any other service you rely on uses these affected systems, they could experience a ransomware attack. This could mean disrupted services, locked files, or potentially exposed personal information. While you probably do not use Fortinet firewalls at home, you almost certainly interact with businesses that do. For individual families, there is no specific immediate action required unless you receive notification from an organization you work with or do business with. If you do receive such a notification, respond quickly.

    Stay one step ahead of scammers

    Weekly cybersecurity briefings for families. No spam, just the threats that matter and what to do about them.

    Here is what to do:

    1. Follow any instructions provided by the affected organization immediately.
    2. Change your password for that service and any other accounts where you used the same password.
    3. Check your financial statements for unauthorized transactions if the organization handles your payment information.
    4. Set up account alerts and monitor for suspicious activity. To protect yourself in the bigger picture, focus on what you can control. Use different passwords for different accounts so that if one gets compromised, the damage stays contained. Enable two-factor authentication on all accounts that offer it, especially email, banking, and shopping sites. Be skeptical of unexpected emails or messages, even if they appear to come from legitimate organizations. Finally, maintain regular backups of your important files, photos, and documents so you always have a copy if something goes wrong.

    Protect Yourself

    Use our Cyber Threat Radar to check if you're affected and take action.

    Found this useful?

    Share it with someone who could use a heads-up.

    Share:

    Curated from trusted cybersecurity sources by GetCyberRight

    Source: Dark Reading

    Discussion

    0

    Sign in to join the discussion.

    Stay ahead of cyber threats

    Get our free weekly digest. Real threats, plain language, what to do about them. No spam, ever.