CISA warns of Chinese “BrickStorm” malware attacks on VMware servers

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about Chinese hackers using BrickStorm malware to target VMware vSphere servers, creating rogue virtual machines for credential theft and data exfiltration. The malware employs advanced encryption and tunneling techniques, with detection and mitigation guidance provided by CISA, NSA, and the Cyber Security Centre.