A new warning issued jointly by the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA) and Canadian Centre for Cyber Security documents an ongoing campaign by Chinese hackers making use of the sophisticated BRICKSTORM malware to target public sector organizations and IT companies for long-term espionage purposes. The average dwell time for these documented breaches is a little over a year, and the total victim count is impossible to know at this point.
The BRICKSTORM malware was first documented by Google security researchers in 2024 and is considered one of the most advanced current threats. It targets Windows and VMware vSphere environments and serves as a long-term backdoor for stealthy data exfiltration. It has numerous advanced obfuscation features and will also reinstall itself if removed or disrupted. Once inside a target network, the Chinese hackers look to capture legitimate credentials through various means and create hidden virtual machines to conceal their activities.
Chinese hackers may have been active since 2022
Though BRICKSTORM first came to broad attention in 2024, the researchers believe the Chinese hackers may have been successfully running this campaign since as far back as 2022. The average dwell time among documented victims of the malware is 393 days. If true, this would mean the attackers had been actively penetrating targets with this approach for at least two years before even being detected by security researchers.
Until very recently, researchers were also unclear on exactly which of the dozens of advanced Chinese hacking teams was behind the attacks. A September report from Google’s Threat Intelligence Group linked the attackers to a cluster it calls “UNC5221” that overlaps with Silk Typhoon, while CrowdStrike is now more specifically attributing it to a new group it calls “Warp Panda” that has shown a special interest in United States legal, technology, and manufacturing sectors but has also targeted government entities in Asia Pacific countries.
Along with the assorted “Typhoon” groups, the incident further reinforces that the most advanced teams of Chinese hackers are dedicated to long-term entrenchment in target environments and that they are consistently doing a very good job of it. These groups are also innovating to be as invisible to pattern-based threat detection systems as possible, as demonstrated by the use of two entirely new implants (“Junction” and “GuestConduit”) written entirely in the open source Golang programming language.
Full scope of malware campaign still unknown, but could be at crisis levels
Google’s Threat Intelligence Group believes the BRICKSTORM malware campaign has hit “dozens” of organizations in the US thus far. However, the Chinese hackers also focus heavily on attacking service providers such as SaaS companies and outsourcing firms that handle business processes. This means they have likely infected an unknown additional number of downstream targets. The group heavily targets organizations with information of interest to the Chinese government, and regularly takes configuration data and identity metadata in addition to exfiltrating documents that catch their eye.
Few specific victims of the Chinese hackers have been named as of yet, but one is F5. The widely-used app security platform, integrated with nearly all of the Fortune 50 companies, disclosed a breach in October that had a window stretching back to 2023. While the company’s popularity among industry leaders highlights the potential scope of damage and the group’s target selection, F5 also provides its services to hundreds of thousands of smaller organizations throughout the world (including government agencies). CISA has confirmed at least one other incident with the malware that was bad enough for it to need to provide incident response services, though the agency didn’t specify who it was. That attack lasted from April 2024 until well into 2025.
CISA also made use of the BRICKSTORM malware report to announce the launch of its Industry Engagement Platform (IEP), a new effort to simplify communications between it and private industry, academia and regional governments. The site allows organizations to create a profile and upload capabilities, in addition to providing a new direct line of communication to CISA.
Researchers note that the Chinese hackers are targeting VMware much more frequently with the malware than they are Windows environments. Organizations that are at risk for targeting by the group are advised to ensure all VMware vSphere servers are continually up to date. An inventory of edge devices should also be kept, as the group frequently targets known vulnerabilities in those, and these should be monitored aggressively for suspicious activity. Disabling all RDP and SMB access from the DMZ to the internal network and blocking unauthorized DoH providers and external DoH traffic can also help, as well as restricting outbound traffic from VMware ESXi and vCenter instances.
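As an added illustration (not part of the original report or any vendor tooling), the script below turns two of the controls above into a simple check over egress flow records: ESXi/vCenter hosts reaching anything outside an allowlist, and DoH use that is not via an approved resolver. The hypervisor IPs, allowlist, log format and sample records are all constructed; the DoH hostnames are well-known public endpoints.

```python
import ipaddress

# Assumed inventory (constructed): management IPs of ESXi hosts and vCenter.
HYPERVISOR_MGMT = {"10.10.0.5", "10.10.0.6", "10.10.0.10"}
# Assumed allowlist (constructed): the only destinations those hosts may reach.
HYPERVISOR_ALLOWED_DST = {"10.20.0.50", "10.20.0.51"}
# Well-known public DoH endpoints; only the approved one may be used.
KNOWN_DOH_HOSTS = {"dns.google", "cloudflare-dns.com", "dns.quad9.net", "doh.opendns.com"}
APPROVED_DOH = {"dns.quad9.net"}
INTERNAL_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed proxy/firewall records, one flow per line in key=value form.
SAMPLE_FLOWS = """\
ts=2025-12-01T10:00:01Z src=10.10.0.5 dst=10.20.0.50 dport=443 sni=patch.corp.example
ts=2025-12-01T10:00:07Z src=10.10.0.5 dst=203.0.113.7 dport=443 sni=cdn.example.net
ts=2025-12-01T10:01:12Z src=10.30.1.22 dst=8.8.8.8 dport=443 sni=dns.google path=/dns-query
ts=2025-12-01T10:01:30Z src=10.30.1.23 dst=9.9.9.9 dport=443 sni=dns.quad9.net path=/dns-query
ts=2025-12-01T10:02:05Z src=10.30.1.24 dst=198.51.100.9 dport=443 sni=resolver.example path=/dns-query
"""

def parse_flow(line: str) -> dict:
    """Split 'k=v k=v ...' into a dict."""
    return dict(kv.split("=", 1) for kv in line.split())

def is_external(ip: str) -> bool:
    return not any(ipaddress.ip_address(ip) in net for net in INTERNAL_NETS)

def check_flow(flow: dict) -> list[str]:
    """Return the names of the rules this flow violates (empty if clean)."""
    findings = []
    src, dst, sni = flow["src"], flow["dst"], flow.get("sni", "")
    # Rule 1: ESXi/vCenter egress must stay inside the allowlist.
    if src in HYPERVISOR_MGMT and dst not in HYPERVISOR_ALLOWED_DST:
        findings.append("hypervisor-egress")
    # Rule 2: DoH to a known public resolver that is not approved ...
    if sni in KNOWN_DOH_HOSTS and sni not in APPROVED_DOH:
        findings.append("unauthorized-doh")
    # ... or the RFC 8484 /dns-query path toward any other external host.
    elif flow.get("path") == "/dns-query" and sni not in APPROVED_DOH and is_external(dst):
        findings.append("external-doh")
    return findings

def scan(records: str) -> list[tuple[str, list[str]]]:
    """Return ('src->dst', findings) for each flow that trips at least one rule."""
    hits = []
    for line in records.splitlines():
        flow = parse_flow(line)
        if findings := check_flow(flow):
            hits.append((f"{flow['src']}->{flow['dst']}", findings))
    return hits
```

Running `scan(SAMPLE_FLOWS)` flags the hypervisor reaching an unlisted address, the client using dns.google, and the /dns-query request to an unknown external host, while the approved Quad9 flow and the patch-mirror flow pass.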
Adrian Culley, Senior Sales Engineer at SafeBreach, adds some observations about the expected actions of the attackers: “While one of their objectives is stealing intelligence for geopolitical and economic advantage, the second, more dangerous goal is to actively steal proprietary source code and internal vulnerability information from compromised technology and SaaS vendors. They steal the blueprints to widely used software, take it back to their labs and reverse engineer it to find new, undiscovered zero-day vulnerabilities. It’s a “steal today, weaponize tomorrow” model that creates a terrifying feedback loop. And, by hitting a SaaS vendor, they gain a potential pivot point into the networks of every single one of that provider’s downstream customers. The security of thousands of organizations is suddenly dependent on the security of their single most vulnerable vendor. Against an adversary using zero-days, living in your blind spots, and moving with stolen credentials, the old model of waiting for a security alert is fundamentally broken. In this new reality, the alert may never come. The only way to defend against a silent, patient attacker is to shift from a reactive to a proactive security posture—organizations have to assume they have already been compromised and continuously hunt for these behaviors.”
Jon Baker, VP of Threat-Informed Defense at AttackIQ, adds: “Brickstorm excels at remaining undetected within networks, and provides capabilities for persistence, lateral movement, and secure command and control. The malware runs continuous health checks on itself, allowing it to reinstall and restart if tampered with, ensuring its continued operation. All of this comes together to create a stealthy and resilient malware that can spread across networks and remotely take over entire systems. Brickstorm largely targets organizations that provide government or IT services, opening the door to large-scale espionage or data theft campaigns, as well as the compromise of critical operations and infrastructure. At-risk organizations should implement VMware’s hardening guidance, monitor for suspicious outbound connectivity from edge devices, and increase surveillance on service accounts while restricting service account privileges.”
Gabrielle Hempel, Security Operations Strategist at Exabeam, notes that this is yet another prompt to consider security upgrades: “More low-and-slow attacks to round out the year, as predicted. The interesting thing about BRICKSTORM is that it’s really targeting control planes and not just endpoints. You’re seeing vSphere, vCenter, and authentication infrastructure being targeted, and this is strategic: once an adversary owns your hypervisor layer, your traditional EDR, NDR, and many SIEM tools become blind to this because the attacker is no longer living in normal host or network telemetry. Once an attacker can spin up infrastructure in your virtualization layer, they gain credential harvesting at scale, resilient persistence and stealth, and the ability to stage second-order attacks against downstream customers or partners. This should be changing how boards and CISOs think about the “blast radius” and systemic risk and not just individual system compromise. These types of attacks are a perfect example of why signature-only detection is becoming obsolete against nation-state tradecraft. This is the same quiet operational pattern we’ve seen across multiple PRC campaigns targeting utilities, telecom, defense contractors, etc. Behavioral and contextual analytics are no longer “nice to have”, they are the only way to detect activity that is intentionally designed to look normal at the surface level.”

