Once inside the sites they made unauthorised modifications, including adjustments to security settings, control of access to and distribution of confidential data, and re-directing visitors to websites hosted by hackers.
It allows hackers to take control of a device -- such as a web camera or web server -- and steal information from it, such as an image or credit card information.