A sophisticated China-linked threat actor tracked as Warp Panda has been targeting legal, manufacturing, and technology organizations in the US with BrickStorm and other malware families.
Focusing on maintaining long-term access to the compromised networks, the Warp Panda APT is exploiting edge devices for initial access, and moves laterally to VMware vCenter servers using valid credentials or known vulnerabilities.
The threat actor has been observed using SSH and the privileged vCenter account vpxuser for lateral movement, relying on Secure File Transfer Protocol (SFTP) for data transfer between hosts, and tunneling traffic through the BrickStorm malware.
Active since at least 2022, Warp Panda was also seen hiding its tracks by clearing logs, modifying file timestamps, and shutting down malicious VMs after use.
Additionally, it has used an ESXi-compatible version of 7-Zip to stage data for exfiltration, has relied on 7-Zip for extracting data from a non-ESXi Linux-based hypervisor, and has cloned domain controller VMs.
In one case, the hacking group used a compromised network to perform reconnaissance against an Asia Pacific government entity.
BrickStorm malware built for persistence
The BrickStorm malware, initially observed in a 2023 attack targeting MITRE, was designed to masquerade as legitimate vCenter processes and has tunneling and file management functionality.
Google, which attributed BrickStorm to the Chinese hacking group UNC5221, recently uncovered a cyberespionage campaign in which the threat actor remained hidden in a compromised network for nearly 400 days.
CrowdStrike says it has seen only the Warp Panda APT using BrickStorm to date, but notes that the malware is likely used by “multiple adjacent China-nexus actors”.
On Thursday, the US cybersecurity agency CISA issued an alert on Chinese state-sponsored hackers targeting government, facilities, and information technology organizations with BrickStorm.
The malware, CISA says, provides long-term persistence on victim networks. In one instance, it was deployed on a VMware vCenter server in April 2024 and remained undetected until at least September 2025.
In addition to advanced communication concealing functionality, the malware “incorporates long-term persistence mechanisms, such as a self-monitoring function that automatically reinstalls or restarts the malware if disrupted, ensuring its continued operation,” CISA says.
More VMware malware, vulnerability exploitation
The Warp Panda APT, CrowdStrike reports, has used BrickStorm in combination with Junction and GuestConduit, two other Golang-written malware families targeting VMware servers that are likely meant to work together.
Junction acts as an HTTP server, can execute commands, proxy network traffic, and communicate with guest VMs using VM sockets (VSOCK).
GuestConduit has network tunneling capabilities, enabling communication between guest VMs and hypervisors, and parses JSON-formatted client requests.
CrowdStrike has observed Warp Panda exploiting multiple vulnerabilities in Ivanti Connect Secure VPN appliances (CVE-2024-21887 and CVE-2023-46805), VMware vCenter servers (CVE-2024-38812, CVE-2023-34048, and CVE-2021-22005), and F5 BIG-IP devices (CVE-2023-46747).
In 2025, the threat actor was seen targeting Microsoft Azure environments to access OneDrive, SharePoint, and Exchange data. In at least one instance, it registered a new multifactor authentication (MFA) device, while in another it abused Microsoft Graph API to perform reconnaissance.
“The adversary primarily targets entities in North America and consistently maintains persistent, covert access to compromised networks, likely to support intelligence-collection efforts aligned with [China’s] strategic interests. Warp Panda will likely maintain their intelligence-collection operations in the near to long term,” CrowdStrike notes.
Related: CISA Updates Guidance on Patching Cisco Devices Targeted in China-Linked Attacks
Related: China’s Cyber Silence Is More Worrying Than Russia’s Noise, Chief Cybersecurity Strategist Says
Related: Government, Industrial Servers Targeted in China-Linked ‘PassiveNeuron’ Campaign
Related: Microsoft: Russia, China Increasingly Using AI to Escalate Cyberattacks on the US
