
Beginning April 22, 2020, an Advanced Persistent Threat group exploited vulnerability CVE-2020-12271 to deploy malware targeting edge devices and firewalls at companies and government entities worldwide, exfiltrating sensitive data in a widespread campaign. The identities of the individuals responsible for these cyber intrusions remain unknown despite ongoing investigation. The FBI is seeking public assistance to identify the perpetrators and prevent further compromise of critical infrastructure and networks.
Official wording
Cyber Intrusions into Companies and Government Entities
April 2020 to Present
The Federal Bureau of Investigation (FBI) is asking the public for assistance in an investigation involving the compromise of edge devices and computer networks belonging to companies and government entities. As described by Sophos Ltd. in a recently released cyber security report, on April 22, 2020, an Advanced Persistent Threat group allegedly created and deployed malware exploiting the vulnerability CVE-2020-12271 as part of a widespread series of indiscriminate computer intrusions designed to exfiltrate sensitive data from firewalls worldwide. The FBI is seeking information regarding the identities of the individuals responsible for these cyber intrusions.
Advanced Persistent Threat group creates and deploys malware exploiting CVE-2020-12271 targeting edge devices and firewalls worldwide