A threat actor operating under the moniker \u201cRedTeam\u201d has begun advertising a new brute-force<\/a> attack tool, \u201cBrutus,\u201d designed to target Fortinet services, according to recent dark web intelligence.<\/p>\n The tool is priced at $1,500, signaling growing interest in automated credential-stuffing attacks against enterprise infrastructure.<\/p>\n Brutus is engineered to attack multiple remote access protocols, making it versatile for attackers seeking to compromise diverse systems.<\/p>\n The tool supports SSH, RDP, VNC, and shell-based connections, allowing attackers to target common remote access services deployed in enterprise environments.<\/p>\n This multi-protocol approach significantly increases the attack surface for organizations that rely on Fortinet <\/a>appliances for network security.<\/p>\n The tool includes a built-in scanner that automatically identifies vulnerable<\/a> or exposed services, streamlining reconnaissance and target identification.<\/p>\n Additionally, Brutus supports SOCKS and HTTP proxying with rotating proxies, allowing attackers to mask their origin and evade network <\/a>detection systems.<\/p>\n This obfuscation feature is critical for attackers seeking to avoid triggering security alerts or IP-based blocking measures. Developed in Go, Brutus is cross-platform compatible, enabling deployment on Windows, Linux, and macOS<\/a>.<\/p>\n This language choice emphasizes performance and ease of compilation, allowing the tool to be rapidly adapted for different environments.<\/p>\n The tool supports flexible credential management, accepting combo lists in multiple formats, including URL:login: password combinations and separate IP, login, and password text files.<\/p>\n Notably, Brutus includes on-the-fly combo generation, enabling attackers to generate credential variations during attacks dynamically.<\/p>\n This feature reduces reliance on pre-compiled credential databases. It enhances the likelihood of successful compromise against systems with common password patterns.<\/p>\n Fortinet products are extensively deployed in enterprise and government networks worldwide. According to recent dark web intelligence observation, a specialized brute-force tool targeting these systems poses a significant risk, particularly for organizations with weak authentication policies or outdated Fortinet appliances.<\/p>\n The $1,500 price point suggests it is accessible to relatively well-funded threat actors<\/a> or organized cybercriminal groups.<\/p>\n Security teams managing Fortinet infrastructure should prioritize implementing strong authentication mechanisms, including multi-factor authentication<\/a> where possible.<\/p>\n Organizations should also conduct regular security assessments to identify exposed services and enforce strict access controls.<\/p>\n Monitoring for unusual login attempts and implementing rate limiting on authentication endpoints remain critical defensive measures against brute-force attacks.<\/p>\n Follow us on Google News<\/a>, LinkedIn<\/a>, and X<\/a> for daily cybersecurity updates. Contact us<\/a> to feature your stories.<\/strong><\/p>\n The post Threat Actors Allegedly Promoting New \u2018Brutus\u2019 Brute-Force Tool Targeting Fortinet Services<\/a> appeared first on Cyber Security News<\/a>.<\/p>\n<\/div>\n![\"\"](\"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjT80wab3aW-WCwXJNxHmgxJ7mFtwjDFiYzWmVJMczEWbMoY0Ob9XQ9FsD7CZ6EDeMk_nhOcbG-DE5P45nEJSOECiIFqOXVbZ-raidG0DzFW7_16B1OkSw6lemR50TnlVu_WVtuEa0StuT3CYuPUi_FwyaqyXdMjqjG3KWdZjrM1tIiCRKCdq4ijlVaaofL\/w596-h640\/DWB.webp?ssl=1\")
<\/figure>\n