Bleeping Computer reports:
Suspected Chinese hackers have used the Brickstorm malware in long-term persistence espionage operations against U.S. organizations in the technology and legal sectors.
Brickstorm is a Go-based backdoor documented by Google in April 2024 following China-related intrusions that spawned from various edge devices and remained undetected in the victim environment for more than a year, on average.
The malware served as a web server, file manipulation tool, dropper, SOCKS relay, and shell command execution tool.
According to Google Threat Intelligence Group (GTIG), the attackers used Brickstorm to silently siphon data from their victims’ networks for an average dwell time of 393 days before being detected.
Read more at Bleeping Computer.
