US, Canada warn of Chinese-linked Brickstorm malware that gains long-term access

Intellexa had access to personal data of Predator spyware targets, Int'l partners release AI security guide for OT orgs, Phreeli cellco doesn't ask for identifying info, Taiwan suspends Rednote over fraud cases, Albiriox Android malware evolves quickly, NCSC debuts proactive notifications, much more

US, Canada warn of Chinese-linked Brickstorm malware that gains long-term access
Source: CISA, NSA and the Canadian Centre for Cyber Security.

'Tis the season to be generous. Please support Metacurity in our mission to end infosec news overload.

Metacurity is a pure labor of love and is the only daily newsletter that delivers the critical infosec developments you need to know, scanned from thousands of sources and smartly summarized.

But to continue delivering our daily updates, we need your support. Please consider upgrading to an annual paid subscription today.

If you can't upgrade to a paid subscription today, please consider donating what you can.


The Cybersecurity and Infrastructure Security Agency, the National Security Agency, and the Canadian Centre for Cyber Security issued an advisory warning that Chinese-linked hackers used sophisticated malware known as Brickstorm to penetrate and maintain long-term access to unnamed government and information technology entities.

According to the advisory, which was published alongside a more detailed malware analysis report, the state-backed hackers are using malware known as “Brickstorm” to target multiple government services and information technology entities. Once inside victim networks, the hackers can steal login credentials and other sensitive information and potentially take full control of targeted computers.

In one case, the attackers used Brickstorm to penetrate a company in April 2024 and maintained access through at least September 3, 2025, according to the advisory. CISA Executive Assistant Director for Cybersecurity Nick Andersen declined to share details about the total number of government organizations targeted or specifics around what the hackers did once they penetrated their targets during a call with reporters on Thursday.

The advisory and malware analysis reports are based on eight Brickstorm samples obtained from targeted organizations, according to CISA. The hackers are deploying the malware against VMware vSphere, a product sold by Broadcom's VMware to create and manage virtual machines within networks. (AJ Vicens / Reuters)

Related: CISA, CrowdStrike, Defense.gov, BleepingComputer, CISA, Android Police, GovInfoSecurity.com, The Record, CyberScoop, Federal News Network, The Register, The Cyber Express, Nextgov/FCW, CRN, Cybersecurity Dive, Computerworld Security, Red Hot Cyber

According to new evidence published by Amnesty International, spyware maker Intellexa, best known for its Predator spyware, had remote access to some of its government customers’ surveillance systems, giving company staffers the ability to see the personal data of people whose phones had been hacked with its Predator spyware.

Amnesty and a coalition of media partners, including Israeli newspaper Haaretz, Greek news site Inside Story, and Swiss outlet Inside IT, published a series of reports based on leaked material from Intellexa, including internal company documents, sales and marketing material, and training videos. 

Perhaps the most striking revelation is that people working at Intellexa could allegedly remotely access the surveillance systems of at least some of its customers via TeamViewer, an off-the-shelf tool that allows users to connect to other computers over the internet.

The remote access is shown in a leaked training video revealing privileged parts of the Predator spyware system, including its dashboard, as well as the “storage system containing photos, messages, and all other surveillance data gathered from victims of the Predator spyware,” Amnesty wrote in its report. (Amnesty published screenshots taken from the video, but not the full video.)

The nonprofit researchers wrote that the leaked video shows apparent “live” Predator infection attempts “against real targets,” based on detailed information “from at least one infection attempt against a target in Kazakhstan.” The video contained the infection URL, the target’s IP address, and the software versions of the target’s phone.

Separately, Google Threat Intelligence Group (GTIG), Recorded Future, and Amnesty published information on Intellexa’s recent activities, unveiling the real-world impact of its surveillance tools and detailing the actions they are taking against this industry.

Among the key findings, GTIG revealed that Intellexa has solidified its position as one of, if not the most, prolific spyware vendors exploiting zero-day vulnerabilities against mobile browsers.

The spyware vendor, made up of several legal entities spanning across Greece, Ireland, Hungary, North Macedonia, and beyond, is behind at least 15 of the 70 zero-day exploits documented by GTIG and its predecessor, Google’s Threat Analysis Group (TAG), since 2021.

The Amnesty report revealed that Intellexa has recently developed a new strategic infection vector, ‘Aladdin,’ which can enable silent zero-click infection of target devices anywhere in the world.

The vector, which was first exposed by Haaretz and Inside Story, exploits the commercial mobile advertising ecosystem to carry out infections.

Amnesty describes the attack chain as “technically complex to implement” but “conceptually simple.”

Recorded Future revealed that two newly identified entities appearing to operate in the advertising sector may be connected to Aladdin. (Lorenzo Franceschi-Bicchierai / TechCrunch and Kevin Poireault / Infosecurity Magazine)

Related: Google Cloud, Recorded Future, Amnesty International, Haaretz, Inside Story, Inside IT, Wav Research Collective, Infosecurity Magazine, CyberScoop, WebProNews, The Record, The Cyber Express

Screenshot of leaked document presenting ‘Aladdin’, a zero-click infection system via malicious ads based on public IP address. Source: Amnesty International

CISA and the Australian Signals Directorate’s Australian Cyber Security Centre, in collaboration with federal and international partners, have released new cybersecurity guidance: Principles for the Secure Integration of Artificial Intelligence in Operational Technology.

The 25-page document, titled ‘Principles for the Secure Integration of Artificial Intelligence in Operational Technology’, describes four key principles for securely integrating AI into OT systems.

The first principle focuses on understanding AI, including its unique risks and potential impact on OT. For instance, the use of artificial intelligence can introduce cybersecurity risks that lead to system compromise, disruptions, financial loss, and functional safety impact.

The second principle outlined by the government agencies focuses on determining the business use case of AI. A business needs to assess whether AI is the right solution for its needs compared to other available solutions. 

Critical infrastructure operators must then address data security challenges and understand the role of OT vendors in AI integration.

The third principle focuses on AI governance and assurance, including establishing governance mechanisms for AI, integrating AI into existing security frameworks, and conducting testing and evaluations. Organizations also need to focus on regulatory and compliance considerations. 

The last principle covers oversight and failsafe practices: ensuring monitoring and oversight mechanisms, and embedding safety and failsafe systems. (Eduard Kovacs / Security Week)

Related: CISA, CISA, SC Media, Red Hot Cyber

In his new startup, Phreeli, privacy stalwart Nicholas Merrill has aimed to create the most privacy-focused cellular provider available to Americans.

Phreeli wants to offer actual anonymity. It can’t help government agencies or data brokers obtain users’ identifying information because it has almost none to share. The only piece of information the company records about its users when they sign up for a Phreeli phone number is, in fact, a mere ZIP code. That’s the minimum personal data Merrill has determined his company is legally required to keep about its customers for tax purposes.

By asking users for almost no identifiable information, Merrill wants to protect them from one of the most intractable privacy problems in modern technology: Despite whatever surveillance-resistant communications apps you might use, phone carriers will always know which of their customers’ phones are connecting to which cell towers and when.

Carriers have frequently handed that information over to data brokers willing to pay for it, or any FBI or ICE agent that demands it with a court order. (Andy Greenberg / Wired)

Related: Business Wire, How-to-Geek, Interesting Engineering, Android Authority

Taiwan's interior ministry said it would suspend access to the Instagram-like Chinese social media platform Xiaohongshu for one year, citing security risks and its alleged involvement in over 1,700 fraud cases since 2024.

The ministry said the fraud cases on the app, also known in English as Rednote, which has three million subscribers, had resulted in losses of T$247.68 million ($7.91 million) since last year and had failed all 15 indicators in a government cybersecurity assessment.

The app's lack of compliance with Taiwan laws has hampered fraud investigations, creating a substantive legal vacuum, the ministry said in its statement issued on behalf of Taiwan's National Police Agency.

The ministry will issue an order for internet blocking and access restriction against the Xiaohongshu app for a provisional period of one year, and subsequent measures will depend on whether the company responds in good faith and complies with Taiwan's laws and regulations, it said.

In October, Taiwan contacted Xiaohongshu's Shanghai-based parent, asking for concrete measures to ensure data safety, but the company has not responded, the ministry added.

All platforms operating within Taiwan must comply with local legal frameworks by appointing legal representatives, and Xiaohongshu must not remain outside the jurisdiction of Taiwan's legal system, the ministry said. (Ben Blanchard / Reuters)

Related: BBC News, CNN, Financial Times, Bloomberg, CNBC, Focus Taiwan, Taipei Times

Researchers at Cleafy discovered a new Android malware family called Albiriox, which is showing signs of developing rapidly and already has strong capabilities, giving attackers live remote control over infected phones, letting them quietly drain bank and crypto accounts during real sessions.

Albiriox is an Android Remote Access Trojan (RAT) and banking Trojan built for on-device fraud, where criminals perform transactions directly on the victim’s phone instead of just stealing passwords. It has a structured architecture with loaders, command modules, and control panels tailored to financial apps and cryptocurrency services worldwide.

In one early campaign, Albiriox targeted Austria. But unlike older mobile malware that focused on a single bank or country, Albiriox already targets hundreds of banking, fintech, payment, and crypto apps across multiple regions. Its internal application-monitoring database included more than 400 applications.

Since it’s sold as malware-as-a-service (MaaS), attackers can distribute Albiriox in any way they like. The usual methods are fake apps and social engineering, often via smishing or links that impersonate legitimate brands or app stores. In at least one campaign, victims were lured with a bogus retailer app that mimicked a Google Play download page to trick them into installing a malicious dropper.

The first app victims see is usually just a loader that downloads and installs the main Albiriox payload after gaining extra permissions. To stay under the radar, the malware uses obfuscation and crypting services to make detection harder for security products. (Pieter Arntz / Malwarebytes)

Related: Cleafy, Android Authority, Android Police, TechRadar, SC Media

Albiriox Free Beta Post on the Forum. Source: Cleafy.

The UK's National Cyber Security Center (NCSC) announced the testing phase of a new service called Proactive Notifications, designed to inform organizations in the country of vulnerabilities present in their environment.

The service is delivered through cybersecurity firm Netcraft and is based on publicly available information and internet scanning.

The NCSC will identify organizations that lack essential security services and will contact them with specific software update recommendations that address unpatched vulnerabilities.

This may include recommendations on specific CVEs or general security issues, such as the use of weak encryption.

“Scanning and notifications will be based on external observations such as the version number publicly advertised by the software,” NCSC explains, adding that this activity is “in compliance with the Computer Misuse Act.”

Organizations are strongly encouraged to sign up for the more mature ‘Early Warning’ service to receive timely notifications for security issues affecting their networks. (Bill Toulas / Bleeping Computer)

Related: NCSC

Sources say the Trump administration is aiming to release its six-part national cybersecurity strategy in January, which will consist of a mere five pages and possibly be followed by an executive order to implement the new strategy.

The administration has been soliciting feedback in recent days, which one source considered more of a “messaging” document than anything, with more important work to follow.

According to sources familiar with the strategy, the six “pillars” focus on cyber offense and deterrence; aligning regulations to make them more uniform; bolstering the cyber workforce; federal procurement; critical infrastructure protection; and emerging technologies.

An opening section of the draft offers a Trumpian call for a more muscular approach to cyberspace. Despite its short length — the Biden administration’s cybersecurity strategy was 35 pages long — it touches on a significant number of topics.

Those subjects include cybercrime, China, artificial intelligence, post-quantum cryptography, and more. (Tim Starks / CyberScoop)

Related: FedScoop

In a new report, the Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) says that reports of ransomware incidents and payments dropped in 2024 after law enforcement disrupted two high-profile ransomware groups.

Reported ransomware incidents and payments reached an all-time high in 2023, according to the release. There were 1,512 incidents and a total of $1.1 billion in payments that year.

Following the disruption of the two ransomware groups, those figures declined in 2024 to 1,476 incidents and a total of $734 million in payments, per the release.

The activities that drove this decline were the disruption of the ALPHV/Blackcat ransomware group by US federal law enforcement in December 2023 and the disruption of the LockBit ransomware group by US and UK authorities in February 2024, according to the report. (PYMNTS.com)

Related: FinCEN, FinCEN

Source: FinCEN.

A Moscow court handed a 21-year prison sentence to Artyom Khoroshilov, a physicist accused of treason, attacking critical infrastructure, and plotting sabotage, state media reported, citing official sources.

Khoroshilov, a researcher at the Moscow Institute of General Physics, was also fined 700,000 rubles ($9,158) and will serve the first five years of his term in a high-security prison. Prosecutors had asked for an even harsher punishment: 25 years in a penal colony. In April, Khoroshilov was added to Russia’s list of terrorists and extremists.

Khoroshilov was arrested in August 2024 and charged with treason for transferring more than $9,000 to a Ukrainian charity foundation that supports the armed forces. He admitted making the transfers, saying he intended to help relatives and civilians in the Kyiv region and mistakenly donated to organizations supporting Ukraine’s military.

Prosecutors also accused Khoroshilov of keeping components for an explosive device and photographing rail lines near a military unit. He said the chemicals were for gardening and denied knowing the tracks he photographed were connected to any military facility.

Police said Khoroshilov carried out a distributed denial-of-service attack (DDoS) on Russian postal systems in August 2022 using software allegedly found on his home computer. His co-workers told local media the accusations made little sense, claiming he “barely knew how to program” and could not have orchestrated such an attack. (Daryna Antoniuk / The Record)

Related: Tass, The Moscow Times, Novaya Gazeta

Birdie Kingston, an alleged hacker already facing charges of targeting a Sydney university, is now accused of additional cyber crimes against the institution.

In June, police charged former student Birdie Kingston, 27, with infiltrating Western Sydney University's (WSU) servers and threatening to sell student data on the dark web.

Police now allege that while out on bail, Ms Kingston was behind further cyber attacks on WSU where 109,745 fraudulent emails disparaging the university were sent to students.

According to court documents, police allege Ms Kingston accessed the university's parking and their "no reply" email addresses to cause it financial disadvantage in October.

Around the same time, the university alerted staff and students that its systems had been breached, and personal information had been stolen.

Between June 19 and August 22, while on bail, the court documents state, Ms Kingston allegedly stole data and injected code into the WSU servers.

Detectives will also allege Ms Kingston fabricated and posted material in an attempt to exonerate herself from the existing allegations that she was the hacker. (Anton Rose / ABC.net.au)

Related: The Australian, 7News, Daily Telegraph

The compromise became known when multiple users reported that Play Protect, Android's built-in antivirus module, blocked SmartTube on their devices and warned them of a risk.

The developer of SmartTube, Yuriy Yuliskov, admitted that his digital keys were compromised late last week, leading to the injection of malware into the app.

Yuliskov revoked the old signature and said he would soon publish a new version with a separate app ID, urging users to move to that one instead.

SmartTube is one of the most widely downloaded third-party YouTube clients for Android TVs, Fire TV sticks, Android TV boxes, and similar devices. (Bill Toulas / Bleeping Computer)

Related: GitHub, GitHub, TechRadar, SC Media, WebProNews

Threat actors have been exploiting a command injection vulnerability in Array AG Series VPN secure access gateways to plant webshells and create rogue users.

Array Networks fixed the vulnerability in a May security update, but has not assigned an identifier, complicating efforts to track the flaw and patch management.

An advisory from Japan's Computer Emergency and Response Team (CERT) warns that hackers have been exploiting the vulnerability since at least August in attacks targeting organizations in the country.

The agency reports that the attacks originate from the IP address 194.233.100[.]138, which is also used for communications.

The flaw impacts ArrayOS AG 9.4.5.8 and earlier versions, including AG Series hardware and virtual appliances with the ‘DesktopDirect’ remote access feature enabled. (Bill Toulas / Bleeping Computer)

Related: JP Cert
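The only concrete indicator the advisory summary above gives defenders is the source IP address 194.233.100[.]138, so the practical first step is to sweep gateway and authentication logs for it. The following is an added example written for this digest, not code from JPCERT, Array Networks or Bleeping Computer: it refangs the indicator, parses a constructed key=value log format (the real ArrayOS log layout is not described on the page, so the regex is an assumption you would adapt), skips malformed lines, and summarises which actions the matching address performed, which is the triage detail you want when the vendor has no CVE identifier to search against.

```python
"""Sweep constructed gateway log lines for the IoC named in the advisory summary.

Added example, not vendor or JPCERT code. The log syntax (space-separated
key=value fields after a timestamp) is constructed for illustration.
"""
import ipaddress
import re
from collections import Counter
from typing import Optional

# Indicator from the advisory as quoted above, kept defanged in source.
DEFANGED_IOC = "194.233.100[.]138"


def refang(value: str) -> str:
    """Turn a defanged indicator ('[.]', 'hxxp') back into a matchable form."""
    return value.replace("[.]", ".").replace("hxxp", "http")


IOC_IPS = {ipaddress.ip_address(refang(DEFANGED_IOC))}

# Assumed log format: any number of key=value tokens; adapt to the real device.
FIELD_RE = re.compile(r"(\w+)=(\S+)")

# Constructed sample telemetry (not real data). One benign login, three lines
# from the IoC address, one failed login, one malformed src, one unrelated line.
SAMPLE_LOG = """\
2025-08-14T02:11:09Z src=203.0.113.7 user=alice action=login result=ok
2025-08-14T02:12:41Z src=194.233.100.138 user=- action=login result=ok
2025-08-14T02:13:02Z src=194.233.100.138 user=admin action=useradd target=svc-backup
2025-08-14T02:14:30Z src=194.233.100.138 user=admin action=upload name=update.cgi
2025-08-14T03:00:00Z src=198.51.100.20 user=bob action=login result=fail
2025-08-14T03:01:00Z src=not-an-ip user=- action=probe
kernel: watchdog tick
"""


def parse_line(line: str) -> dict:
    """Extract key=value fields; lines with no such fields yield an empty dict."""
    return dict(FIELD_RE.findall(line))


def src_ip(fields: dict) -> Optional[ipaddress.IPv4Address]:
    """Return the parsed source address, or None if absent or not a valid IP."""
    raw = fields.get("src")
    if raw is None:
        return None
    try:
        return ipaddress.ip_address(raw)
    except ValueError:  # malformed address: skip rather than crash the sweep
        return None


def find_ioc_hits(log_text: str, ioc_ips=IOC_IPS) -> list:
    """Return the parsed fields of every line whose source IP is a known IoC."""
    hits = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        fields = parse_line(line)
        ip = src_ip(fields)
        if ip is not None and ip in ioc_ips:
            hits.append(fields)
    return hits


def summarize_actions(hits: list) -> Counter:
    """Count what the IoC address did, e.g. logins versus account creation."""
    return Counter(h.get("action", "?") for h in hits)


if __name__ == "__main__":
    matches = find_ioc_hits(SAMPLE_LOG)
    for m in matches:
        print(m)
    print(summarize_actions(matches))
```

On the constructed sample this reports three lines from the IoC address, one of which is a `useradd`, which is exactly the rogue-user behaviour the advisory describes and the line an incident responder would pivot on first.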

The Ladies’ College in Guernsey "acted swiftly" after it was ordered to improve its security measures following an IT breach last year.

The Office of the Data Protection Authority said the college was unable to access several of its on-premises servers on 24 June 2024, and an investigation identified unauthorised access had been made to some of its systems.

An investigation carried out by the authority found that while the college had systems in place that detected the suspicious authentication activity, it "did not implement appropriate processes to be notified of or monitor such detections."

It found that the majority of encrypted information was not personal data and was not related to students. (Zhara Simpson / BBC News)

Related: Office of the Data Protection Authority, Bailiwick Express

Security researcher Jeremiah Fowler discovered that an AI image generator startup had left more than 1 million images and videos created with its systems exposed and accessible to anyone online, with the overwhelming majority of the photos involving nudity and depicting adult content.

Fowler says multiple websites—including MagicEdit and DreamPal—all appeared to be using the same unsecured database. In October, when he discovered the database, around 10,000 new images were being added to the database every day. Indicating how people may have been using the image-generation and editing tools, these images included “unaltered” photos of real people who may have been nonconsensually “nudified,” or had their faces swapped onto other, naked bodies.

After Fowler got in touch with the AI-image-generator firm, a company spokesperson says, it closed access to the exposed database and launched an “internal investigation with external legal counsel.” It also “suspended access to our products pending the investigation’s outcome,” the spokesperson says. The MagicEdit and DreamPal websites and mobile applications were accessible until WIRED got in touch with those who run them. (Matt Burgess / Wired)

Related: ExpressVPN

A new study from Italy’s Icaro Lab, an AI evaluation and safety initiative from researchers at Rome’s Sapienza University and AI company DexAI, indicates that framing AI prompts as poetry could skirt safety features designed to block production of explicit or harmful content like child sex abuse material, hate speech, and instructions on how to make chemical and nuclear weapons, a process known as jailbreaking.

The researchers, whose work has not been peer reviewed, said their findings show “that stylistic variation alone” can circumvent chatbot safety features, revealing a whole host of potential security flaws companies should urgently address.

For the study, the researchers handcrafted 20 poems in Italian and English containing requests for usually banned information. These were tested against 25 chatbots from companies like Google, OpenAI, Meta, xAI, and Anthropic. On average, the AI models responded to 62 percent of the poetic prompts with forbidden content that went against the rules they had been trained to follow.

The researchers used the handcrafted prompts to train a chatbot that generated its own poetic commands from a benchmark database of over 1,000 prose prompts that produced successful results 43 percent of the time, still “substantially outperforming non-poetic baselines.” (Robert Hart / The Verge)

Related: arXiv, Wired, Business Today, arXiv.org e-Print archive, arXiv.org e-Print archive, Engadget, Livemint, Tech Times, Schneier on Security, The Cyber Express, KnowTechie, Hacker News (ycombinator)

Israeli cybersecurity company imper.ai emerged from stealth, announcing its public launch and $28 million in new funding.

Redpoint Ventures and Battery Ventures led the round, with participation from Maple VC, Vessy VC, and Cerca Partners. (Ynet Global)

Related: Imper.ai, Fortune, Silicon Angle, Tech Funding News

Lumia, an AI security and governance platform that helps enterprises monitor and control employee use of artificial intelligence and autonomous agents, announced it had raised $18 million in a venture funding seed round.

Team8 led the round with participation from New Era. (Ynet Global)

Related: Tech Funding News

Best Thing of the Day: It's Hard to Verify Bots Meaningfully

The EU fined Elon Musk's social media platform X €120m (around $139 million) for the deceptive practice of allowing people to pay for a blue verified check mark on their profile, when X is not "meaningfully verifying" who is behind the account.

Worst Thing for the Day: More Bang for the Buck Without the Encryption Hassles

According to Sophos, cybercriminals targeting the manufacturing sector are increasingly focusing on data exfiltration rather than encryption.

Closing Thought
