Chinese Hackers Target Government and Tech Entities with Advanced Malware
Recent reports unveil a significant cyberattack linked to hackers from China, who utilized sophisticated malware to infiltrate several unnamed government and tech organizations. This breach, confirmed by cybersecurity agencies in the US and Canada, underscores the growing threat posed by state-sponsored cybercriminals.
Understanding the Attack: Brickstorm Malware
The malware used in this attack is identified as “Brickstorm.” According to a report published by the Canadian Centre for Cyber Security, the attackers maintained persistent access to a victim’s internal network, using VMware vSphere, a popular cloud computing platform.
Long-Term Access and Exploitation
Once the attackers compromised the system, they were able to:
- Steal credentials
- Manipulate sensitive files
- Create hidden virtual machines (VMs)
This extensive access might have begun as early as April 2024 and continued through September 2025, allowing the attackers to operate without detection.
Details from the Cybersecurity Report
The report, a collaboration between the Canadian Cyber Centre, the Cybersecurity and Infrastructure Security Agency (CISA), and the National Security Agency (NSA), identified eight samples of the Brickstorm malware. However, it remains unclear how many organizations were either targeted or successfully breached in this incident.
Response from VMware and Recommendations
In response to the hack, Broadcom—owner of VMware vSphere—has acknowledged the situation and encouraged users to download the latest security patches. Moreover, the Google Threat Intelligence Group recently published its own report on Brickstorm, recommending that organizations reassess their threat models and conduct hunt exercises against known threat actors.
Conclusion
As cyber threats evolve, organizations must remain vigilant. Installing the latest security updates and reevaluating existing cybersecurity measures are crucial in defending against sophisticated attacks like Brickstorm.

