An analyst told The Verge that even more targets had likely been compromised.
According to Mandiant’s research, the APT41 group was able to breach the government networks by exploiting vulnerabilities in applications built with Microsoft’s .NET developer platform, including one previously unknown vulnerability in the animal health reporting database system USAHERDS.
— meaning that it was the same across all instances of USAHERDS, and compromising just one installation would allow a hacker to execute their own code on any system running the software. that the full scale of the breach could include more targets than the six that are currently known. An email sent to Acclaim Systems, the developers of USAHERDS, had not received a response at time of publication.
Besides the compromise of .NET-based applications, APT41 also exploited the Log4Shell vulnerability, a serious and widespread bug in the Java Log4j library that was. According to Mandiant’s analysis, APT41 began to mount attacks that exploited Log4j within only hours of details of the vulnerability being published and used the vulnerability to install backdoors into Linux systems that would give them ongoing access at a later date.