VerdantBamboo Deploys BSD Variant of BRICKSTORM on Linux Appliances


Admin User

Administrator of InfoSecCenter. Passionate about cybersecurity, information security, and technology.


A sophisticated China-aligned cyber espionage operation has been detected deploying a rare BSD variant of the notorious BRICKSTORM backdoor alongside additional malware payloads targeting Linux systems. Security researchers from Volexity have attributed this activity to a threat cluster they designate as VerdantBamboo, which reportedly overlaps with hacking groups tracked by Microsoft as Clay Typhoon. This development represents an evolution in adversarial tactics specifically tailored to compromise Linux-based infrastructure that many organizations consider relatively secure compared to Windows environments.

According to the Volexity report, VerdantBamboo has been observed deploying a multi-faceted malware arsenal in their recent operations. This includes the unusual BSD variant of BRICKSTORM—a backdoor previously associated primarily with Windows systems—alongside two additional malware families codenamed PLENET (also known as GRIMBOLT) and AGENTPSD. The targeting of Linux systems represents a notable shift in tactics for this threat actor, suggesting a strategic expansion beyond traditional Windows-focused operations to attack
