Several US federal agencies have reported that “China-backed” hackers are hacking major
As stated by the NSA, CISA and the FBI in a jointcybersecurity guidelines, Chinese hacking groups used publicly known vulnerabilities to hack any device – from unpatched routers to medium and even large enterprise networks.
After the hack, the hackers used these devices toas part of their own attack infrastructure, as command and control servers and proxy systems that they could use to break into other networks. The attackers then stole credentials to access the underlying SQL databases and used special commands to reset user and administrator credentials from critical servers.
Exploiting these “China-sponsored” vulnerabilitieshackers have created wide infrastructure networks that have helped them further compromise an even wider range of public and private sector targets, US agencies say.