BRICKSTORM Malware Analysis: State-Sponsored Cyber Threat

Cybersecurity agencies have identified BRICKSTORM malware being used by a country's state-sponsored actors for long-term persistence on victim systems. The malware targets VMware vSphere and Windows environments, using sophisticated techniques for initiation, persistence, and secure command and control (C2). Organizations are urged to use provided indicators of compromise (IOCs) and detection signatures to identify and mitigate the threat. The malware analysis report includes YARA and Sigma rules for detection.