A China-nexus threat actor with apparent in-depth knowledge of Juniper MX devices has compromised the routers using custom backdoors, according to research released Wednesday by Mandiant.