#brickstorm

[ follow ]
#vmware-vsphere #unc5221 #hypervisor-security #state-sponsored-cyber-operations #golang-backdoor
Information security
fromSecuritymagazine
12 hours ago

State-Sponsored Actors Leverage Backdoor Malware, CISA Warns

PRC-linked state-sponsored cyber actors use the BRICKSTORM backdoor to target VMware vSphere, ESXi, and Windows for long-term persistence and credential theft.
Information security
fromThe Hacker News
3 days ago

CISA Reports PRC Hackers Using BRICKSTORM for Long-Term Access in U.S. Systems

BRICKSTORM is a Golang backdoor used by PRC-linked threat actors to maintain stealthy, long-term access to VMware vSphere and Windows systems via diverse C2 protocols.
Information security
fromTheregister
3 days ago

PRC spies Brickstromed their way into critical US networks

China-backed cyber actors used Brickstorm to maintain long-term access to multiple critical networks, infecting systems across Linux/VMware/Windows and stealing data and cryptographic keys.
fromNextgov.com
3 days ago

China is using advanced 'Brickstorm' malware against government and IT orgs, US assesses

The NSA and the Cybersecurity and Infrastructure Security Agency have assessed that China is using an advanced malware family to access government agencies and technology companies, according to extensive findings made public Thursday. The malware analysis, coauthored with Canadian cyber authorities, reflects September threat intelligence produced by Google and underscores the extent of the efforts the hackers have gone to quietly plant themselves into victims' systems for long-term snooping and potential sabotage.
Information security
#unc5221
more#unc5221
Node JS
fromTechzine Global
7 months ago

Belgian security experts find Chinese espionage malware on Windows

BRICKSTORM malware, linked to UNC5221, targets European industries for espionage while remaining undetected over long periods.
[ Load more ]