The hackers used 4 zero-day exploits targeting Windows and Android devices through compromised websites. The sophisticated group chained multiple exploits together efficiently to install malware. They used zero-days in Chrome and Windows, along with recently patched vulnerabilities, delivering payloads through watering-hole attacks to infect visitors to boobytrapped sites. The complex attack infrastructure, modular payloads, and logging/targeting techniques indicate a professional team was behind the well-engineered operation.