中国相关黑客利用高级恶意软件通过VMware缺陷渗入美国和加拿大政府及IT网络, Chinese-linked hackers used advanced malware to infiltrate U.S. and Canadian government and IT networks via VMware flaws, maintaining access since April 2024.

2025年12月4日美国和加拿大网络安全机构警告中国相关黑客使用复杂的恶意软件, U.S. and Canadian cybersecurity agencies warned on December 4, 2025, that Chinese-linked hackers used sophisticated malware, including a strain called "Brickstorm," to infiltrate and maintain long-term access to unnamed government and IT organizations. 这些袭击针对关键的基础设施和敏感网络,利用VMware v Sphree系统窃取证书并获得全面控制,一个经证实的案件表明,从2024年4月至至少2025年9月,持续进入。 The attacks, targeting critical infrastructure and sensitive networks, exploited VMware vSphere systems to steal credentials and gain full control, with one confirmed case showing persistent access from April 2024 to at least September 2025. 由CISA、国安局和加拿大网络中心发布的联合咨询意见引用了8个恶意软件样本,并指出了法律、软件和技术部门的类似入侵。 The joint advisory, issued by CISA, the NSA, and Canada’s cyber center, cited eight malware samples and noted similar intrusions across legal, software, and tech sectors. 虽然没有指明具体实体,但这些机构强调破坏威胁和需要加大防御力度。 While no specific entities were named, the agencies stressed the threat of sabotage and the need for heightened defenses. 中国大使馆否认参与,Broadcom敦促客户安装补丁。 The Chinese embassy denied involvement, and Broadcom urged customers to apply patches.