@Tom 7 - Re: Penetration?
That's the question to be asked. All news on this matter mysteriously lack this crucial detail. They only describe in detail what happens after the attacker has managed to get in and obtain root privileges.
I suspect the attackers are using flaws in Internet facing applications as well as sysadmin incompetence, especially when servers and applications are being managed by developers themselves.