Cybersecurity Firm Warns of Massively Scaled Password Cracking Attack Using 45-GPU Cluster
A cybersecurity research team has uncovered a sophisticated attack method involving the use of a 45-GPU cluster to crack SSL VPN authentication hashes, leading to network breaches at organizations across multiple countries, according to Hudson Rock, a cybersecurity firm specializing in threat intelligence.
Attack Methodology Revealed
The attackers employed a “feedback-driven, 12-level recursive system” to crack passwords, according to research by Diachenko, a cybersecurity analyst cited by Hudson Rock. This approach involved generating password candidates from custom dictionaries, keyboard patterns, and cracking rules, with successful guesses feeding back into the system to refine future attempts. The process was managed through Hashtopolis, a distributed hash-cracking platform, enabling the threat actors to execute “massive combinations of plain-text passwords” until they found matches.
“This aggressive methodology has led to severe, real-world consequences,” Hudson Rock stated. The firm’s analysis confirmed full network compromises at multiple organizations in Japan, Taiwan, Vietnam, Iraq, and Turkey, with a Turkish NATO defense contractor reporting the exfiltration of classified defense documents.
Global Impact and Affected Sectors
The attack targeted a wide range of industries, with the most affected sectors including IT services, construction materials, telecommunications, and financial services, according to Hudson Rock. The firm identified compromised devices in India, the U.S., Taiwan, Mexico, Turkey, and Thailand. Notably, major companies such as Foxconn, Samsung, Comcast, Siemens, PwC, and Accenture were listed in the database of affected entities, though specific details about their involvement remain unverified.
Diachenko emphasized the scale of the operation, stating, “The scale is the sophistication.” However, the attackers’ operational security was described as “amateurish” by Hudson Rock, as they left artifacts on the server they used—a critical mistake in hacker circles.
Security Recommendations for Fortinet Users
Firewalls, particularly those manufactured by Fortinet, have become a common entry point for such attacks, as they sit at the perimeter of networks and grant access to internal resources. Hudson Rock advised Fortinet users to implement the following steps to mitigate risks:

- Update firmware to the latest version
- Disable unnecessary services and protocols
- Implement multi-factor authentication for administrative access
- Monitor logs for unusual activity
While the full extent of the breach remains under investigation, cybersecurity experts warn that the availability of the compromised data to other threat actors poses a significant risk to global networks.
Why This Matters
This incident highlights the growing threat of resource-intensive attacks leveraging advanced computing power. Similar methods were observed in the 2021 SolarWinds breach, where attackers exploited supply chain vulnerabilities to gain access to government and corporate networks. However, the use of a GPU cluster for password cracking represents a new level of computational sophistication in cybercrime.
Organizations are urged to review their authentication protocols and invest in robust security measures. As Diachenko noted, “The scale of this operation underscores the need for proactive defense strategies in an increasingly hostile digital landscape.”