VerdantBamboo APT Deploys BSD BRICKSTORM Backdoor on Linux Appliances
A China-linked cyber espionage group tracked as VerdantBamboo has been observed deploying a BSD variant of the BRICKSTORM backdoor alongside two new malware families, PLENET (aka GRIMBOLT) and AGENTPSD, to compromise Linux-based appliances and pivot into enterprise cloud environments. Researchers at Volexity, who disclosed the activity, assess with high confidence that the cluster overlaps with the groups tracked as Clay Typhoon (Microsoft), UNC5221 (Google Mandiant), and Warp Panda (CrowdStrike). The intrusion was uncovered during an incident response engagement in September 2025 and revealed that the threat actor had maintained access to the victim's environment for at least 18 months by quietly piggybacking on legitimate web SSL VPN traffic.
The initial foothold was established through the victim's Egnyte Storage Sync appliance by exploiting a local privilege escalation flaw, which was patched in Storage Sync version 13.13, released in March 2026. From the appliance, VerdantBamboo used BRICKSTORM's built-in proxying capabilities together with stolen credentials to reach the organization's Microsoft 365 tenant. Because the authentication requests egressed from the victim's own infrastructure, they looked like normal network traffic and satisfied Conditional Access policies that key on network location. The practical lesson for defenders is that appliance and edge-device addresses should never originate interactive cloud sign-ins: any authentication sourced from them is worth investigating, as are unfamiliar external IP addresses that recurrently contact sensitive infrastructure, which a WHOIS lookup or a VPN and proxy reputation check can help vet.
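The Conditional Access evasion described above works because the sign-ins arrive from an address the tenant already trusts. The following is an added example of how to hunt for that pattern in sign-in logs; it is not code from the Volexity report or the original article. It assumes a constructed set of Entra ID sign-in records in a reduced Graph-style schema (the field names follow the Microsoft Graph signIn resource, the values are invented) and a hypothetical appliance address range that would normally come from an asset inventory. Every appliance address that authenticated to the tenant is reported, and an address that authenticated as several different identities is flagged separately, since that is the shape a credential-replaying proxy produces and a single service account on the box would not.

```python
import json
from collections import defaultdict
from ipaddress import ip_address, ip_network

# Constructed sample of Entra ID sign-in events, reduced to a few fields of
# the Microsoft Graph signIn resource. Addresses are from RFC 5737
# documentation ranges and the users are invented; nothing here comes from
# the Volexity report.
SAMPLE_SIGNINS_JSONL = """
{"createdDateTime": "2025-09-02T08:01:10Z", "userPrincipalName": "alice@example.com", "ipAddress": "198.51.100.20", "appDisplayName": "Office 365 Exchange Online", "clientAppUsed": "Browser"}
{"createdDateTime": "2025-09-02T08:03:42Z", "userPrincipalName": "bob@example.com", "ipAddress": "198.51.100.21", "appDisplayName": "Microsoft Teams", "clientAppUsed": "Mobile Apps and Desktop clients"}
{"createdDateTime": "2025-09-02T02:14:05Z", "userPrincipalName": "svc-backup@example.com", "ipAddress": "203.0.113.5", "appDisplayName": "Office 365 Exchange Online", "clientAppUsed": "Browser"}
{"createdDateTime": "2025-09-02T02:19:33Z", "userPrincipalName": "cfo@example.com", "ipAddress": "203.0.113.5", "appDisplayName": "Office 365 SharePoint Online", "clientAppUsed": "Browser"}
{"createdDateTime": "2025-09-02T02:25:51Z", "userPrincipalName": "cfo@example.com", "ipAddress": "203.0.113.5", "appDisplayName": "Office 365 Exchange Online", "clientAppUsed": "Browser"}
{"createdDateTime": "2025-09-02T09:00:00Z", "userPrincipalName": "alice@example.com", "ipAddress": "203.0.113.6", "appDisplayName": "Microsoft Teams", "clientAppUsed": "Browser"}
"""

# Hypothetical asset inventory: addresses from which edge appliances (storage
# sync, NAS, firewall) egress. In practice this comes from the CMDB; nothing
# interactive should ever sign in to the tenant from these ranges.
APPLIANCE_NETS = [ip_network("203.0.113.0/29")]


def parse_signins(jsonl):
    """Parse newline-delimited JSON sign-in records, skipping blank lines."""
    return [json.loads(line) for line in jsonl.splitlines() if line.strip()]


def is_appliance_ip(ip, nets=APPLIANCE_NETS):
    """True if the address falls inside any inventoried appliance range."""
    try:
        addr = ip_address(ip)
    except ValueError:
        # Malformed or missing address: cannot be matched, so not flagged here.
        return False
    return any(addr in net for net in nets)


def find_appliance_sourced_signins(events, nets=APPLIANCE_NETS, min_users=2):
    """Group sign-ins sourced from appliance addresses.

    Returns one finding per appliance IP with the distinct users and apps
    seen and the earliest timestamp. 'multi_user' marks an address that
    authenticated as at least `min_users` different identities.
    """
    by_ip = defaultdict(list)
    for ev in events:
        if is_appliance_ip(ev.get("ipAddress", ""), nets):
            by_ip[ev["ipAddress"]].append(ev)

    findings = []
    for ip in sorted(by_ip, key=ip_address):
        evs = by_ip[ip]
        users = sorted({e["userPrincipalName"] for e in evs})
        findings.append({
            "ip": ip,
            "signins": len(evs),
            "users": users,
            "apps": sorted({e["appDisplayName"] for e in evs}),
            # ISO 8601 UTC strings of identical shape sort lexicographically.
            "first_seen": min(e["createdDateTime"] for e in evs),
            "multi_user": len(users) >= min_users,
        })
    return findings


if __name__ == "__main__":
    for f in find_appliance_sourced_signins(parse_signins(SAMPLE_SIGNINS_JSONL)):
        flag = "MULTI-USER" if f["multi_user"] else "single-user"
        print(f"{f['ip']}: {f['signins']} sign-ins since {f['first_seen']}, "
              f"{len(f['users'])} users ({flag}): {', '.join(f['users'])}")
```

Run against a real export, the same logic would consume the `signIns` JSON from the Graph API or an Entra diagnostic export, with `APPLIANCE_NETS` populated from the asset inventory. The single-user finding still deserves a look: a NAS or storage appliance has no business completing a browser sign-in to Teams at all.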
After initial remediation, the actor returned by reusing harvested administrative credentials to re-enter through the firewall, reconfigure web SSL VPN access, and deploy additional payloads to a Synology Network Attached Storage (NAS) appliance over SSH. Two implants were dropped in this stage: PLENET, a cross-platform .NET Core backdoor with interactive shell, remote command execution, file manipulation, and C2-switching capabilities, and a new native AOT-compiled version of BRICKSTORM tailored for BSD systems. They were accompanied by AGENTPSD, a lightweight Python reverse shell used as a fallback. Notably, Volexity traced the root of the compromise back to the victim's Managed Services Provider, whose pfSense firewall had been infected with the BSD BRICKSTORM variant around the same timeframe, a classic case of third-party access becoming the weakest link in the supply chain. The return visit also shows why remediation has to include rotating every administrative credential the actor could have harvested, not just removing the implants.
PLENET had previously been documented by Google earlier this year in attacks attributed to suspected China-nexus cluster UNC6201, which exploited CVE-2026-2276 in Dell RecoverPoint for Virtual Machines. The convergence of tooling, BSD-focused tradecraft, and supply-chain abuse via MSPs underscores how state-aligned actors are increasingly targeting appliance ecosystems, BSD-based firewalls, and NAS devices as stealthy staging grounds for long-dwell intrusions against high-value enterprise tenants.