Attackers exfiltrate FortiGate device configurations, crack SHA-256-hashed admin passwords offline, and gain administrative access without exploiting a new vulnerability.
The traded dataset is likely a combolist compiled from older password breaches, which attackers can use via credential stuffing and targeted phishing to access Instagram accounts.