Brickstorm backdoor — China-linked hackers gain long-term access to government / IT networks

According to an advisory by U.S. and Canadian cybersecurity agencies, hackers tied to the Chinese state used a sophisticated backdoor malware called Brickstorm to infiltrate and maintain covert access to government and IT networks.

Brickstorm targets environments using VMware vSphere and Windows, granting attackers stealthy shell-level access, file manipulation capabilities, and stable command-and-control communication — often blending in with legitimate traffic to evade detection.

Officials warn that this intrusion could facilitate espionage or sabotage — and urge all organisations using VMware-based infrastructure to audit, patch, and review network access and login credentials urgently.