The US and Canadian cybersecurity agencies have warned that China-linked hackers used a sophisticated malware tool called "Brickstorm" to steal login credentials and maintain long-term access inside government and IT networks, according to a joint advisory cited by Reuters.
Washington / Ottawa — The United States and Canada have issued a joint cybersecurity advisory warning that hackers linked to China used advanced malware to infiltrate and maintain long-term access inside multiple government and information technology networks. The alert, reported by Reuters, was released by the US Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Canadian Centre for Cyber Security.
According to the advisory, the attackers deployed a state-sponsored malware strain known as "Brickstorm", designed specifically to bypass security systems and steal login credentials, configuration data, and other sensitive information. Once inside the affected networks, the hackers were able to maintain stable, persistent access—raising concerns about potential full-system compromise.
The agencies highlighted one confirmed incident in which hackers infiltrated a company in April 2024 and continued to access its network until September 3, 2025, despite cybersecurity defenses.
The analysis is based on eight samples of Brickstorm malware recovered from targeted organisations. Officials did not disclose the number of government bodies affected or the full scope of the attackers' activities. CISA's Executive Assistant Director for Cybersecurity, Nick Andersen, declined to provide additional details, citing security concerns.
Investigators found that the hackers specifically targeted VMware vSphere, an IT virtualization platform widely used to manage virtual machines and cloud infrastructure. The product, owned by Broadcom's VMware, is commonly deployed in government, corporate, and defense environments.
A Broadcom spokesperson responded by urging customers to install the latest security patches and enforce strong operational security measures to mitigate potential exploitation.
"We are aware of the advisory and recommend all customers follow security best practices, including applying the latest updates and maintaining strong network segmentation," the spokesperson said.
The Chinese embassy in Washington strongly rejected the claims. Spokesperson Liu Pengyu said the Chinese government does not "encourage, support, or connive at cyber attacks." Liu criticized the agencies' conclusions, stating that they had provided "no factual evidence" and had not submitted any formal inquiry on the matter.
China has routinely denied similar allegations from Western governments in recent years, calling them politically motivated and part of broader geopolitical tensions between Beijing and Western capitals.