Brickstorm And The New Supply Chain Frontline In Cyber Espionage

By Ash K

When investigators from US and Canadian cyber agencies began pulling apart a series of persistent intrusions in 2024 and 2025, they kept finding the same unfamiliar backdoor buried deep inside virtual infrastructure. That malware is now publicly known as Brickstorm – a sophisticated tool allegedly operated by state-sponsored threat actors linked to the People’s Republic of China, purpose-built to live quietly inside VMware and Windows environments and give attackers durable, flexible access to sensitive networks.

The joint advisory and malware analysis published by the US Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA) and the Canadian Centre for Cyber Security describe a campaign that did not simply target individual servers. Instead, it went straight for the backbone of modern IT: virtualisation platforms used by government agencies, managed service providers and major technology companies. In doing so, Brickstorm turns the software and services that power the digital economy into an attack surface of strategic value.

A quiet foothold in the virtual layer

Brickstorm is designed to run primarily on Linux systems hosting VMware vSphere components, such as vCenter servers and ESXi hypervisors, as well as on selected Windows systems in the same environment. That focus fits the platform: the vCenter Server Appliance is itself a Linux system (it runs VMware's Photon OS), which is one reason a Linux backdoor suits it. At a technical level, Brickstorm functions as a custom backdoor that lets operators remotely issue commands, move files and data, and maintain persistence with low visibility.

In at least one documented case, investigators found that the attackers had maintained access inside an organisation from April 2024 through September 2025. During that time, the group moved laterally from a web server in the demilitarised zone into the internal network, deployed Brickstorm on a vCenter server, and ultimately compromised domain controllers and an Active Directory Federation Services (AD FS) server in order to export its cryptographic keys. Because AD FS signs the authentication tokens that federated applications trust, holding those keys gave the attackers the technical ability to mint their own tokens and impersonate users and services across the environment.

The choice of VMware as a primary target is not accidental. vCenter is the management plane for large numbers of virtual machines. Once an adversary gains control of that layer, they are not just inside one server: they are effectively in the control tower that governs a fleet of systems. Brickstorm is engineered to exploit that position.

What makes Brickstorm different

Many malware families can exfiltrate data or provide remote access, but Brickstorm stands out in several ways that make it particularly suited for long-term espionage.

First, it is built for stealth and persistence. The samples analysed by government agencies suggest a modular architecture with support for encrypted communications, flexible command handling and the ability to blend into legitimate processes and services on both Linux and Windows hosts. By sitting in the virtualisation layer, Brickstorm can avoid many endpoint security controls that are focused on guest operating systems rather than hypervisors or management appliances.

Second, it has capabilities that line up with the realities of modern enterprise networks:

  • Access to virtual machine snapshots: Once installed on vCenter, the malware can be used to interact with virtual machine snapshots that may contain credential caches, configuration data and sensitive files, giving attackers a rich source of information without having to deploy additional malware to every guest.
  • Creation of rogue virtual machines: Investigators have reported the ability of attackers to create hidden or rogue VMs that are not immediately visible through normal management interfaces. A VM registered directly on an ESXi host rather than through vCenter, for example, never appears in the vCenter inventory that administrators normally look at. These can act as staging points or covert infrastructure inside the victim environment.
  • Cross-platform support: Brickstorm has been observed in both Linux and Windows builds, which lets operators adapt their tooling to different parts of the network while using a common command-and-control model.

Finally, Brickstorm appears to be part of a broader toolkit used by advanced persistent threat actors associated with China. The campaign has been linked with activity against multiple sectors, including government services, information technology, telecommunications, manufacturing and critical infrastructure. It is not a spray-and-pray crimeware campaign, but a focused espionage operation.

Supply chain pressure through virtualisation and MSPs

The Brickstorm campaign highlights a structural problem that security teams have wrestled with for years: the way that supply-chain trust and centralised infrastructure can magnify the impact of a single compromise.

Two aspects stand out in the public reporting on this case.

The first is the focus on VMware vSphere itself as a strategic platform. Organisations treat vSphere as the bedrock of data centres and private clouds. It is centralised, heavily automated and often administered by a relatively small group of privileged staff or external partners. Compromise of that layer gives attackers a privileged view into workloads belonging to multiple internal departments, subsidiaries or even different customers, depending on the architecture.

The second is the role of managed service providers (MSPs) and cloud or hosting partners. Some analyses of Brickstorm activity suggest that the attackers have gone after MSP credentials and remote management paths in order to reach downstream customers. In other words, instead of attacking each target individually, the threat actors look for the providers who host, manage or support many targets at once.

This approach turns service providers into pressure points in the global supply chain:

  • One compromised MSP vCenter instance can expose multiple tenants.
  • Shared management networks can give attackers routes into segmented environments that would otherwise be difficult to reach.
  • Customers often rely on assurances from providers rather than independently validating how virtual infrastructure is hardened and monitored.

Brickstorm, therefore, is not only a story about malware. It is a story about the risk of concentrated trust in a small number of platforms and vendors that sit at the centre of the IT supply chain.

A familiar geopolitical backdrop

The advisory from US and Canadian authorities explicitly attributes the activity to state-sponsored actors from the People’s Republic of China. It fits a wider pattern of campaigns where Chinese groups are accused of targeting telecommunications providers, cloud platforms and critical infrastructure to gain strategic advantage.

The alleged objectives in this case are consistent with long-term espionage and potential contingency planning. By gaining footholds in virtualisation environments at government agencies and technology providers, attackers can harvest intelligence, map dependencies and retain options for disruption if geopolitical tensions escalate.

Chinese officials have historically denied such allegations and criticised what they describe as unsubstantiated accusations. Whatever the political narrative, the technical evidence gathered in this campaign shows a highly capable adversary investing in bespoke tooling and patiently maintaining access for months or years.

How Brickstorm operates inside victim networks

Public reporting and the joint malware analysis reveal a multi-stage intrusion pattern. While individual incidents differ, a typical sequence looks like this.

  1. Initial access: Attackers exploit a vulnerable internet-facing asset such as a web server, VPN appliance or management interface. In at least one case, a web shell on a demilitarised zone server provided the first foothold, although the original vulnerability exploited to plant the shell was not identified.
  2. Discovery and credential theft: Once inside, the operators perform reconnaissance, harvest credentials and identify paths to higher-value systems. This often includes domain controllers, identity providers and management consoles.
  3. Deployment of Brickstorm: Using their elevated access, the attackers upload and execute Brickstorm on VMware vCenter or ESXi hosts, and in some cases on Windows servers that play a role in management or identity.
  4. Establishing persistence: The malware configures itself to survive reboots and blends into normal services. It sets up encrypted command-and-control channels to attacker infrastructure, which can be rotated if defenders start blocking known indicators.
  5. Exploitation of virtual infrastructure: With the backdoor in place, operators interact with virtual machines, collect snapshots, and create or manage rogue VMs that may not be obvious through routine monitoring.
  6. Long-term operations: Over time, the attackers use the access for data theft, strategic intelligence collection and potential preparation of the environment for later disruptive actions.
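One check that follows directly from the rogue-VM behaviour in step 5 (and from the capability list earlier in this article): compare what each ESXi host says is registered on it with what vCenter's inventory says exists, because a VM registered on a host behind vCenter's back shows up in the former and not the latter. The Python below is an added example written for this article, not code from the advisory, the agencies or VMware. It parses the text that the real ESXi command `vim-cmd vmsvc/getallvms` prints; the sample output, the host names and the vCenter inventory are all constructed for illustration (in practice the inventory would be pulled with pyVmomi or govc).

```python
import re
from typing import Dict, List

# One row of `vim-cmd vmsvc/getallvms` as printed on an ESXi host (header: Vmid, Name, File,
# Guest OS, Version, Annotation). The "[datastore] path.vmx" column anchors the match so that
# VM display names containing spaces still parse.
VIM_CMD_ROW = re.compile(
    r"^(?P<vmid>\d+)\s+(?P<name>.+?)\s+\[(?P<datastore>[^\]]+)\]\s+(?P<vmx>\S+\.vmx)"
    r"\s+(?P<guest>\S+)\s+(?P<version>vmx-\d+)"
)

# Constructed sample output from two hypothetical hosts. "vmtools" on esxi-01 is the planted
# case: registered on the host, absent from vCenter, tucked under a dot-directory.
SAMPLE_ESXI_OUTPUT: Dict[str, str] = {
    "esxi-01.corp.example": """\
Vmid   Name      File                                   Guest OS                      Version   Annotation
1      web01     [datastore1] web01/web01.vmx           ubuntu64Guest                 vmx-19
4      dc01      [datastore1] dc01/dc01.vmx             windows2019srvNext_64Guest    vmx-19
17     vmtools   [datastore1] .vmtools/vmtools.vmx      otherLinux64Guest             vmx-19
""",
    "esxi-02.corp.example": """\
Vmid   Name      File                                   Guest OS                      Version   Annotation
2      app01     [datastore2] app01/app01.vmx           centos8_64Guest               vmx-19
""",
}

# Constructed vCenter view: VM name -> vmPathName, in the same "[datastore] dir/file.vmx"
# form that pyVmomi exposes as vm.config.files.vmPathName.
VCENTER_INVENTORY: Dict[str, str] = {
    "web01": "[datastore1] web01/web01.vmx",
    "dc01": "[datastore1] dc01/dc01.vmx",
    "app01": "[datastore2] app01/app01.vmx",
}


def parse_getallvms(output: str) -> List[dict]:
    """Parse vim-cmd vmsvc/getallvms text into dicts; header and blank lines are skipped."""
    rows = []
    for line in output.splitlines():
        match = VIM_CMD_ROW.match(line.strip())
        if match:
            rows.append(match.groupdict())
    return rows


def find_unmanaged_vms(esxi_outputs: Dict[str, str],
                       vcenter_inventory: Dict[str, str]) -> Dict[str, List[dict]]:
    """Per ESXi host, return VMs registered on the host but missing from vCenter's inventory.

    Matching is done on the vmx path rather than the display name, so a rogue VM that reuses
    a legitimate name is still caught, and a legitimate VM that has moved between hosts is
    still recognised.
    """
    known_paths = set(vcenter_inventory.values())
    findings: Dict[str, List[dict]] = {}
    for host, output in esxi_outputs.items():
        unmanaged = [vm for vm in parse_getallvms(output)
                     if f"[{vm['datastore']}] {vm['vmx']}" not in known_paths]
        if unmanaged:
            findings[host] = unmanaged
    return findings


if __name__ == "__main__":
    for host, vms in find_unmanaged_vms(SAMPLE_ESXI_OUTPUT, VCENTER_INVENTORY).items():
        for vm in vms:
            print(f"{host}: vmid {vm['vmid']} '{vm['name']}' at [{vm['datastore']}] {vm['vmx']} "
                  f"is registered on the host but not in vCenter")
```

A hit is a lead, not a verdict: orphaned VMs left behind by failed migrations also appear here. The point is that the comparison is made from the host side, where an attacker working through vCenter alone cannot tidy up, so it belongs in the dedicated monitoring of the virtualisation layer discussed later in this article.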

This model aligns with the broader behaviour of advanced persistent threat actors who emphasise persistence, stealth and strategic value over quick financial gain.

Why Brickstorm matters for every virtualised organisation

For many readers, this may sound like an issue confined to large government agencies and global technology firms. It is not. Any organisation that relies on virtualisation platforms and shared service providers can learn from this case.

Virtualisation has become almost invisible in daily operations. Teams think in terms of applications and containers, not in terms of which hypervisor hosts which virtual machine. Security models have sometimes mirrored that abstraction, with heavy investment in endpoint detection, identity management and network segmentation, but relatively little scrutiny of the underlying virtualisation and management stack.

Brickstorm exploits that blind spot. A single compromise in the virtual layer can cut across multiple controls higher up the stack. That is especially true when:

  • vCenter or equivalent platforms are exposed to the internet or reachable from user segments without strong access controls.
  • Service accounts and administrator credentials are reused or weakly protected.
  • Monitoring of hypervisors and management appliances is limited compared to user-facing systems.

Even if an organisation is not directly in the crosshairs of a state-sponsored group, the same techniques are attractive to financially motivated actors who want efficient access to large environments such as cloud hosting providers or large enterprises.

Supply chain lessons for boards and regulators

The Brickstorm revelations also raise questions that extend beyond individual organisations and into the realm of policy and regulation.

Boards and regulators increasingly talk about supply-chain risk, but much of the focus has been on software dependencies, open source components and vendor risk questionnaires. The Brickstorm campaign underscores that infrastructure supply chains deserve equal attention. Key considerations include:

  • Concentration risk: How many critical workloads and tenants depend on a small number of virtualisation platforms or service providers, and what happens if those platforms are compromised?
  • Transparency of controls: Do providers give customers meaningful visibility into how management networks, hypervisors and privileged accounts are secured and monitored?
  • Incident notification obligations: Are there clear, enforceable requirements for providers to notify customers and regulators if campaigns like Brickstorm are detected in environments that could affect them?
  • Cross-border dependencies: When infrastructure crosses national boundaries, which legal and geopolitical factors affect the response to state-sponsored intrusion?

These questions are not easy, but they are now unavoidable. Brickstorm is a reminder that strategic cyber operations increasingly flow through shared infrastructure, not just through isolated corporate networks.

Practical steps for defenders

While the scale and sophistication of Brickstorm can be intimidating, there are concrete steps that organisations can take to reduce their exposure and improve their ability to detect similar campaigns.

1. Treat virtualisation management as critical infrastructure

vCenter, ESXi management interfaces, hypervisor consoles and similar components should be classified as critical assets, on par with identity providers and domain controllers. That means:

  • Strong network isolation and segmentation away from general user networks.
  • Least privilege access controls, with multi-factor authentication and just-in-time elevation where possible.
  • Dedicated monitoring of logs, configuration changes and authentication events.

2. Review exposure of management interfaces

Organisations should audit how and where management interfaces are accessible. Any internet-facing management service should be considered high risk. Remote administration by MSPs or vendors should happen through hardened, audited channels that can be monitored and restricted.

3. Apply vendor hardening and detection guidance

US and Canadian authorities have released detailed indicators of compromise, sample hashes and detection rules related to Brickstorm. Even outside North America, defenders can use these artefacts to update detection content, query log data and hunt for similar behaviour in their environments.
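The indicators from the advisory are not reproduced here, and they have a short shelf life in any case: step 4 of the intrusion pattern above notes that the operators can rotate infrastructure once known indicators are blocked. A complementary hunt looks at behaviour instead. A vCenter appliance or ESXi host has a small, predictable set of outbound destinations, so a connection that recurs to the same external host at a steady interval from one of them deserves a look regardless of whether the address is on any list. The Python below is an added example written for this article, not code from the agencies' advisory or detection rules; the flow-log format, the addresses, the management-host list and the thresholds are all constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev
from typing import Dict, List, Tuple

# Hypothetical one-line-per-flow export from a firewall or NetFlow collector. Constructed data:
# vcenter01 (10.0.5.10) talks to 203.0.113.7 roughly every five minutes; esxi-01 (10.0.5.21)
# talks to 198.51.100.9 at irregular times; a workstation (10.0.20.5) also appears but is not
# a management host and so is out of scope for this hunt.
SAMPLE_FLOW_LOG = """\
2025-09-01T10:00:00Z src=10.0.5.10 dst=203.0.113.7 dport=443
2025-09-01T10:00:00Z src=10.0.5.21 dst=198.51.100.9 dport=443
2025-09-01T10:01:00Z src=10.0.5.21 dst=198.51.100.9 dport=443
2025-09-01T10:05:02Z src=10.0.5.10 dst=203.0.113.7 dport=443
2025-09-01T10:09:58Z src=10.0.5.10 dst=203.0.113.7 dport=443
2025-09-01T10:11:00Z src=10.0.5.21 dst=198.51.100.9 dport=443
2025-09-01T10:12:30Z src=10.0.5.21 dst=198.51.100.9 dport=443
2025-09-01T10:15:01Z src=10.0.5.10 dst=203.0.113.7 dport=443
2025-09-01T10:20:00Z src=10.0.5.10 dst=203.0.113.7 dport=443
2025-09-01T10:24:59Z src=10.0.5.10 dst=203.0.113.7 dport=443
2025-09-01T10:30:00Z src=10.0.20.5 dst=192.0.2.44 dport=443
2025-09-01T10:30:03Z src=10.0.5.10 dst=203.0.113.7 dport=443
2025-09-01T10:35:00Z src=10.0.5.10 dst=203.0.113.7 dport=443
2025-09-01T10:40:00Z src=10.0.5.21 dst=198.51.100.9 dport=443
2025-09-01T10:41:00Z src=10.0.5.21 dst=198.51.100.9 dport=443
2025-09-01T10:59:00Z src=10.0.5.21 dst=198.51.100.9 dport=443
"""

# Hypothetical management addresses; in practice take these from the CMDB or from vSphere itself.
MANAGEMENT_HOSTS = {"10.0.5.10": "vcenter01", "10.0.5.21": "esxi-01"}

FLOW_RE = re.compile(r"^(\S+) src=(\S+) dst=(\S+) dport=(\d+)$")


def parse_flow_log(text: str) -> List[Tuple[datetime, str, str, int]]:
    """Return (timestamp, src, dst, dport) tuples; lines that do not match the format are ignored."""
    records = []
    for line in text.splitlines():
        m = FLOW_RE.match(line.strip())
        if m:
            ts = datetime.strptime(m.group(1), "%Y-%m-%dT%H:%M:%SZ")
            records.append((ts, m.group(2), m.group(3), int(m.group(4))))
    return records


def beacon_candidates(records, management_hosts: Dict[str, str],
                      min_connections: int = 6, max_cv: float = 0.2) -> List[dict]:
    """Flag (management src, dst, dport) groups whose connection intervals are regular.

    Regularity is the coefficient of variation (stdev / mean) of the gaps between consecutive
    connections; a value near 0 means a fixed sleep with little jitter. Thresholds are
    illustrative and should be tuned against a known-good baseline of the appliance's traffic.
    """
    by_pair = defaultdict(list)
    for ts, src, dst, dport in records:
        if src in management_hosts:
            by_pair[(src, dst, dport)].append(ts)
    findings = []
    for (src, dst, dport), stamps in by_pair.items():
        if len(stamps) < min_connections:
            continue
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        avg = mean(gaps)
        cv = pstdev(gaps) / avg if avg > 0 else float("inf")
        if cv <= max_cv:
            findings.append({"host": management_hosts[src], "src": src, "dst": dst,
                             "dport": dport, "connections": len(stamps),
                             "mean_interval_s": round(avg, 1), "cv": round(cv, 3)})
    return sorted(findings, key=lambda f: f["cv"])


if __name__ == "__main__":
    for f in beacon_candidates(parse_flow_log(SAMPLE_FLOW_LOG), MANAGEMENT_HOSTS):
        print(f"{f['host']} ({f['src']}) -> {f['dst']}:{f['dport']} every ~{f['mean_interval_s']}s "
              f"over {f['connections']} connections (cv={f['cv']})")
```

Legitimate periodic traffic from an appliance (update checks, telemetry, NTP, monitoring agents) scores as regular too, so the first run of a hunt like this produces the allowlist; what remains afterwards, especially destinations on commodity hosting that the appliance has no documented reason to reach, is what an analyst should pull apart. Run it against the longest retention window available: the dwell times described in this article are measured in months, not hours.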

4. Validate MSP and cloud provider security posture

Customers that rely on external providers for virtual infrastructure should actively question how those providers are responding to Brickstorm and similar threats. Key topics include patching status, isolation between tenants, incident response processes and the use of privileged access management for staff and automated tools.

5. Plan for long-dwell adversaries

Finally, organisations need to assume that sophisticated adversaries may already have spent months inside their environment before detection. That planning mindset changes how incident responders think about scoping, eradication and recovery. For virtualisation platforms, it may mean rebuilding or re-baselining core components rather than applying incremental fixes.

A warning shot for the virtual future

Brickstorm is unlikely to be the last custom backdoor that targets virtual infrastructure at scale. As more organisations embrace virtualisation, containers and cloud-native architectures, attackers will continue to look for ways to exploit the layers that tie everything together.

The significance of this campaign lies not only in what it reveals about one piece of malware, but in what it says about the direction of high-end cyber operations. Virtualisation platforms, managed service providers and other shared infrastructure are becoming a primary frontier in the contest between attackers and defenders.

For governments, regulators and enterprises alike, the message is clear. Securing the supply chain now means looking hard at the invisible plumbing of the digital world, and treating the control planes of virtual infrastructure as the strategic assets they truly are.

Ash K
Ashton is a seasoned cybersecurity professional with over 25 years of experience in cybersecurity research, incident response, and product and security solutions architecture.