The hackers, most likely from a well-known group that's funded by the Chinese government, are outfitted with both off-the-shelf and custom-made tools. One such tool exploits Zerologon , the name given to a Windows server vulnerability, patched in August, that can give attackers instant administrator privileges on vulnerable systems.