Other Linux-based network devices may have also been targeted by Pygmy Goat, as indicated by its utilization of a fake Fortinet certificate, a pair of remote shells, and several communication wake-up techniques.
Article Link: Sophos firewalls compromised with Pygmy Goat backdoor | SC Media