A recent development in the world of cybersecurity has brought to light a new automated brute-forcing framework called “BRUTED,” created by a group of hackers. This framework has been designed to target edge networking devices such as firewalls and VPNs, allowing hackers to streamline network access and scale up cyber attacks on vulnerable devices and networks.
The hackers behind the operation, known as “BlackBasta,” have been using the “BRUTED” framework since 2023 to commit brute-force attacks on popular products like SonicWall NetExtender, Cisco AnyConnect, Palo Alto GlobalProtect, Fortinet SSL VPN, and WatchGuard SSL VPN. While none of the best business VPNs have been affected by this attack tool, there have been incidents where Palo Alto and SonicWall services were targeted in a brute-force VPN attack using 2.8 million IP addresses in February 2025.
The discovery of “BRUTED” came about after a leak of the gang’s internal chat logs, which revealed the extent of their operation. The logs indicated that the hackers took advantage of weak and reused passwords, with the most common passwords like “123456” being easily cracked within seconds. This highlights the importance of using strong, unique passwords that include a mix of letters, numbers, and symbols to protect your network and organization from cyber threats.
To enhance security measures, it is recommended to use password managers to generate and store complex passwords, as well as enable two-factor authentication (2FA) on all accounts. 2FA adds an extra layer of security by requiring verification through a backup email address, phone number, or authenticator app before accessing accounts. Regularly updating system software is also crucial to prevent vulnerability exploitation and keep devices protected from potential cyber attacks.
Although no vulnerabilities have been exploited by “BRUTED” yet, the automated nature of the attacks poses a significant risk to organizations. By focusing on strengthening cybersecurity measures such as strong passwords, 2FA, and regular software updates, businesses can better protect themselves from malicious activities in the digital landscape.
Overall, the emergence of the “BRUTED” framework serves as a reminder of the ever-evolving threats in cybersecurity and the importance of staying vigilant to safeguard against potential attacks. By taking proactive steps to secure networks and devices, organizations can mitigate the risks posed by automated brute-force attacks and protect sensitive data from falling into the wrong hands.
In conclusion, cybersecurity remains a top priority in today’s digital age, and staying informed about the latest threats and security measures is key to defending against cyber attacks.