China-linked cyber espionage group VerdantBamboo has been observed deploying a BSD variant of the BRICKSTORM backdoor along with PLENET (GRIMBOLT) and AGENTPSD malware to target Linux systems. Volexity attributes this activity to VerdantBamboo, which overlaps with Microsoft's Clay Typhoon threat group. This represents an expansion of the threat actor's capabilities to target BSD and Linux-based ap
A China-nexus cyber espionage group has been observed deploying a BSD variant of a known backdoor called BRICKSTORM, as well as two other malware families codenamed PLENET (aka GRIMBOLT) and AGENTPSD to target Linux systems. The activity has been attributed by Volexity to a threat cluster it tracks as VerdantBamboo, which it said overlaps with hacking groups known as Clay Typhoon (Microsoft),
Originally published at thehackernews.com
60-minute technical evaluation, no obligation. We'll map the ideas in this article to your environment.
