When Hackers Overstay Their Welcome: Inside China’s 393-Day Cyber Espionage Marathon

Google’s Threat Intelligence Group and Mandiant have uncovered a Chinese cyberespionage campaign involving the stealthy backdoor BrickStorm. The hackers, tracked as UNC5221, linger in networks for over a year, targeting industries like SaaS and technology. Their mission? Pilfer source code to uncover zero-day vulnerabilities, because why not multitask while you’re at it?

3P
Published: September 25, 2025 11:36 amAdded: September 25, 2025 at 5:03 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Looks like the Chinese cyberespionage squad is trying to pull off the ultimate game of digital hide-and-seek! With their BrickStorm backdoor, they’re not just peeking through the curtains but setting up camp in your digital living room for over a year. Talk about overstaying your welcome! Who knew that ‘long-term commitment’ was part of their cyber strategy?

Key Points:

  • Google’s Threat Intelligence Group and Mandiant have been analyzing the persistent Chinese cyberespionage campaign.
  • The campaign utilized BrickStorm, a stealthy malware backdoor linked to Chinese APT UNC5221.
  • Cyberspies dwelled in compromised networks for an average of 393 days.
  • BrickStorm has been deployed on various appliances, dodging traditional security measures.
  • The campaign targets industries like SaaS, technology, and BPO, with intentions beyond just cyberespionage.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?