Part 6/9:
The breach affected around 81,000 devices, stretching into critical infrastructure. This hacker purportedly worked for Sichuan Silence Information Technology, a company accused of providing hacking services to various Chinese governmental entities. Through the exploitation of SQL injection vulnerabilities and impersonation of trusted domains, these hackers are believed to have gained sensitive access to military and societal infrastructure.
The timing of bug bounty reports submitted to Sophos that revealed critical vulnerabilities allegedly linked to Chinese activities raised suspicions. Although proving direct connections is complex and often fraught with uncertainty, the implications of such breaches are deleterious.