China-linked hackers target BrickStorm backdoor IP addresses

China-linked hackers have been observed targeting IP addresses associated with the BrickStorm backdoor, a sophisticated malware used for persistent access and espionage. This campaign highlights the ongoing cyber espionage efforts attributed to Chinese threat actors, focusing on infiltrating networks through the BrickStorm malware. The attackers exploit vulnerabilities to deploy the backdoor, enabling them to maintain long-term access and exfiltrate sensitive data. Organizations are urged to enhance their network defenses, monitor for unusual activity related to BrickStorm indicators, and apply timely patches to mitigate risks. This incident underscores the importance of robust cybersecurity measures against state-sponsored cyber threats and the evolving tactics of advanced persistent threat groups.

This Cyber News was published on therecord.media. Publication date: Wed, 24 Sep 2025 16:10:16 +0000


Cyber News related to China-linked hackers target BrickStorm backdoor IP addresses

Chinese Hackers Using New BRICKSTORM Malware to Attack Windows & Linux Machines - Notably, unlike the Linux variant reported by Mandiant, the Windows samples lack direct command execution capabilities—a suspected deliberate choice to evade detection by security solutions that analyze parent-child process relationships. The ...
8 months ago Cybersecuritynews.com
BianLian GOs for PowerShell After TeamCity Exploitation - In conjunction with GuidePoint's DFIR team, we responded to an incident that began with the exploitation of a TeamCity server which resulted in the deployment of a PowerShell implementation of BianLian's GO backdoor. The threat actor identified a ...
1 year ago Securityboulevard.com CVE-2024-27198 CVE-2023-42793 BianLian
Uncovering China's Surveillance of the United States Spies Hackers and Informants - Last week, a Chinese surveillance balloon in the United States caused a diplomatic uproar and raised concerns about how Beijing collects intelligence on its biggest rival. FBI Director Christopher Wray said in 2020 that Chinese spying is the most ...
2 years ago Securityweek.com Silence
New BrickStorm: A Stealthy Backdoor Targeting Windows Systems - Cybersecurity researchers have uncovered a new stealthy backdoor named BrickStorm that targets Windows systems. This sophisticated malware is designed to evade detection and maintain persistent access to compromised networks. BrickStorm employs ...
3 months ago Cybersecuritynews.com
China-linked hackers target European healthcare orgs in suspected espionage campaign | The Record from Recorded Future News - A previously unknown hacking group has been spotted targeting European healthcare organizations using spyware linked to Chinese state-backed hackers and a new ransomware strain, researchers said. The hackers, dubbed Green Nailao, deployed ShadowPad ...
10 months ago Therecord.media
European firms urge China to give more clarity on data transfer laws - BEIJING, Nov 15 - European firms "urgently" need China to give clearer definitions of key terms in its cross-border data transfer rules, a European business lobby group said on Wednesday, warning firms also stood to ...
2 years ago Reuters.com
Microsoft: Iranian hackers target researchers with new MediaPl malware - Microsoft says that a group of Iranian-backed state hackers are targeting high-profile employees of research organizations and universities across Europe and the United States in spearphishing attacks pushing new backdoor malware. The attackers, a ...
1 year ago Bleepingcomputer.com APT3 APT33
How 'Big 4' Nations' Cyber Capabilities Threaten the West - COMMENTARY. There are four nations deemed by the US and UK governments to pose the greatest threat to the West. Russia's cyber-threat activities are primarily focused on offensive cyber operations, China's are focused on cyber espionage, Iran's on ...
1 year ago Darkreading.com
UNC5221 Uses BrickStorm Backdoor to Target Southeast Asian Entities - In a recent cyber espionage campaign, the threat group UNC5221 has been observed deploying the BrickStorm backdoor to infiltrate and monitor entities across Southeast Asia. This sophisticated attack highlights the increasing use of advanced ...
3 months ago Thehackernews.com UNC5221
Chinese Hackers BrickStorm Targeting Southeast Asia with Espionage Campaign - Chinese threat actors known as BrickStorm have been identified conducting a sophisticated espionage campaign targeting Southeast Asian countries. This group employs advanced malware and phishing techniques to infiltrate government and private sector ...
3 months ago Infosecurity-magazine.com BrickStorm
China's Dogged Campaign to Portray Itself as Victim of US Hacking - For more than two years, China's government has been attempting to portray the US as indulging in the same kind of cyber espionage and intrusion activities as the latter has accused of carrying out over the past several years. A recent examination of ...
1 year ago Darkreading.com Volt Typhoon
Stifling Beijing in cyberspace big focus for UK operatives | The Register - Regular attendees of CYBERUK, the annual conference hosted by British intelligence unit the National Cyber Security Centre, will know that in addition to the expected conference panels, there is usually an interwoven theme to proceedings. Various ...
1 year ago Theregister.com APT3 Volt Typhoon
Microsoft: Hackers target defense firms with new FalseFont malware - Microsoft says the APT33 Iranian cyber-espionage group is using recently discovered FalseFont backdoor malware to attack defense contractors worldwide. The DIB sector targeted in these attacks comprises over 100,000 defense companies and ...
2 years ago Bleepingcomputer.com APT3 APT33
Google: BrickStorm malware used to steal US orgs' data for over a year - The BrickStorm malware has been actively used for over a year to steal sensitive data from U.S. organizations, according to recent reports. This sophisticated malware campaign has targeted various sectors, exploiting vulnerabilities to infiltrate ...
3 months ago Bleepingcomputer.com
Cyber Insights 2023: The Geopolitical Effect - The result is more than a dozen features on subjects ranging from AI, quantum encryption, and attack surface management to venture capital, regulations, and criminal gangs. The Russia/Ukraine war that started in early 2022 has been mirrored by a ...
2 years ago Securityweek.com
A top-secret Chinese spy satellite just launched on a supersized rocket - China's largest rocket apparently wasn't big enough to launch the country's newest spy satellite, so engineers gave the rocket an upgrade. The Long March 5 launcher flew with a payload fairing some 20 feet taller than its usual nose cone when it took ...
2 years ago Packetstormsecurity.com Rocke
Russian Sandworm Group Using Novel Backdoor to Target Ukraine - Russian nation-state group Sandworm is believed to be utilizing a novel backdoor to target organizations in Ukraine and other Eastern and Central European countries, according to WithSecure researchers. The previously unreported backdoor, dubbed ...
1 year ago Infosecurity-magazine.com
Cybersecurity Crisis Looms: FBI Chief Unveils Chinese Hackers' Plan to Target US Infrastructure - As the head of the FBI pointed out Wednesday, Beijing was positioning itself to disrupt the daily lives of Americans if there was ever a war between the United States and China if it were to plant malware to damage civilian infrastructure. U.S. ...
1 year ago Cysecurity.news Volt Typhoon
Chinese Hackers Hijack Software Updates to Install Malware - In order to obtain unauthorized access and control, hackers take advantage of software vulnerabilities by manipulating updates. By corrupting the updates, hackers can disseminate malware, compromise user data, and build backdoors for future attacks. ...
1 year ago Gbhackers.com
Big China Spy Balloon Moving East Over US, Pentagon Says - The Pentagon said at midday Friday that a Chinese spy balloon had moved eastward and was over the central United States, and that the U.S. rejected China's claims that it was not being used for surveillance. Gen. Pat Ryder, Pentagon press secretary, ...
2 years ago Securityweek.com
Pro-China campaign targeted YouTube with AI avatars | The Register - Think tank Australian Strategic Policy Institute last week published details of a campaign that spreads English language pro-China and anti-US narratives on YouTube. The campaign, which ASPI calls Shadow Play, includes 30 YouTube channels that have ...
2 years ago Go.theregister.com Rocke
US House 'Asks Intel, Nvidia, Micron CEOs' To Testify On China - US House of Representatives China committee asks chief executives of Intel, Nvidia, Micron to testify as international tensions mount. The chief executives of Intel, Nvidia and Micron have been asked to testify before the US House of Representatives' ...
1 year ago Silicon.co.uk
China-Nexus Hackers Attacking Organizations Infrastructure & High-Value Customers - A sophisticated China-linked threat actor has been conducting extensive cyber espionage operations targeting critical infrastructure and high-value organizations across multiple sectors. This activity cluster, tracked as PurpleHaze, demonstrates ...
7 months ago Cybersecuritynews.com
Chinese Companies Linked With Hackers Filed Patents Over 10+ Forensics and Intrusion Tools - The patents, registered by firms named in recent U.S. Department of Justice indictments, detail sophisticated offensive capabilities including encrypted endpoint data acquisition, mobile device forensics, and network traffic interception from routers ...
4 months ago Cybersecuritynews.com HAFNIUM