"Chinese government-backed hackers have penetrated deep into U.S. internet service providers in recent months to spy on their users... Beijing’s hacking effort has 'dramatically stepped up from where it used to be,' says former top U.S cybersecurity official... The unusually aggressive and sophisticated attacks include access to at least two major providers with millions of customers as well as to several smaller providers... ...the groups considered the effort important enough to exploit previously undiscovered software flaws that could have been preserved for later use.... ...the hackers used a previously unknown vulnerability, ...in a program made by Versa Networks for managing wide-area networks... ...Lumen wrote that it located malware inside ISP routers serving certain groups or individual customers that could intercept passwords from those customers... ...found another high-end technique in play at a different, unnamed ISP...a Chinese state hacking group was able to get far enough inside the service provider to alter the Domain Name System (DNS) web addresses that users were trying to reach and divert them elsewhere, allowing the hackers to insert back doors for spying..." [Paywall] https://www.washingtonpost.com/tech...-hackers-penetrate-us-internet-providers-spy/
Seems like a very advanced hack, but I didn't understand the technical details. So by hacking the ISPs they could perhaps redirect people to fake websites with the goal of serving trojanized apps? Or could they directly see data traffic, but this is encrypted I assume?