Contact
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.
Banner Ancharia Mobile 1
HackTheBox 970x120 1
China Accuses US of Cyber Attacks, Denies Involvement in Brickstorm Malware

China Accuses US of Cyber Attacks, Denies Involvement in Brickstorm Malware

6 December 2025 19:25

A spokesperson for the Chinese Embassy in Canada responded to a reporter’s question about the outcry in Canada over so-called “Chinese cyber attacks.”

A reporter asked : Recently, the Canadian Cyber Security Centre, along with the U.S. Cybersecurity and Infrastructure Security Agency and the National Security Agency, jointly released an analysis report stating that Chinese government-backed cyber threat actors used the Brickstorm malware to infiltrate the systems of government agencies, facilities, and IT organizations.

What is China’s comment?

As we all know, the United States is the true “hacker empire,” the master of cyber attacks and the greatest threat to global cybersecurity. The so-called analysis report ignores the United States’ rampant cyber attacks, while making baseless accusations against China. This is a classic case of the pot telling the cauldron it’s black, and it’s malicious. China firmly opposes it.

China is a major victim of cyber attacks and has consistently and resolutely opposed and fought all forms of cyber attacks in accordance with the law, remaining firmly committed to safeguarding cyber security.

China urges Canada to immediately stop following the US lead, to stop politicizing and stigmatizing cybersecurity issues, and to stop instrumentalizing cybersecurity issues to smear China.”

Cybersecurity agenciesCISA, NSA, and the Canadian Cyber Security Centre — have warned that the Brickstorm malware has been used to infiltrate and establish itself within the networks of “critical organizations” for years.

Brickstorm—which can run on Linux, VMware, and Windows systems—allows attackers to obtain credentials, control machines, move laterally across networks, and establish communication and data transfer tunnels, leaving victims vulnerable to data theft, exfiltration, or potential sabotage. In one reported case, attackers gained access to a VMware vCenter server in April 2024 and maintained control until at least September 2025.

Follow us on Google News to receive daily updates on cybersecurity. Contact us if you would like to report news, insights or content for publication.

Cropped RHC 3d Transp2 1766828557 300x300
The editorial staff of Red Hot Cyber is composed of IT and cybersecurity professionals, supported by a network of qualified sources who also operate confidentially. The team works daily to analyze, verify, and publish news, insights, and reports on cybersecurity, technology, and digital threats, with a particular focus on the accuracy of information and the protection of sources. The information published is derived from direct research, field experience, and exclusive contributions from national and international operational contexts.