China is using advanced 'Brickstorm' malware against government and IT orgs, US assesses

China is using advanced 'Brickstorm' malware against government and IT orgs, US assesses

Briefly

"The NSA and the Cybersecurity and Infrastructure Security Agency have assessed that China is using an advanced malware family to access government agencies and technology companies, according to extensive findings made public Thursday. The malware analysis, coauthored with Canadian cyber authorities, reflects September threat intelligence produced by Google and underscores the extent of the efforts the hackers have gone to quietly plant themselves into victims' systems for long-term snooping and potential sabotage."

"The malware, dubbed Brickstorm, was used in a Chinese breach into F5 systems that was disclosed in October. Those hackers had reportedly been inside the company's systems since 2023. That particular hack was deemed perilous for the company and its clients, as F5 supports hundreds of thousands of application delivery and internet traffic management systems for hundreds of private companies and government agencies worldwide."

"VMware's vSphere tool - a suite of software that creates and manages virtual data centers - is a prime target for the Chinese hackers, CISA said. "This advisory underscores the grave threats posed by the People's Republic of China that create ongoing cybersecurity exposures and costs to the United States, our allies and the critical infrastructure we all depend on," CISA acting Director Madhu Gottumukkala said in a statement."