Chinese-linked hackers are targeting the Taiwanese semiconductor industry and investment analysts as part of a string of cyber-espionage campaigns, researchers said yesterday.
While hacking to steal data and information about the industry is not new, there is an increase in sustained hacking campaigns from several China-aligned hacking groups, researchers with cybersecurity firm Proofpoint said in a new analysis.
“We’ve seen entities that we hadn’t ever seen being targeted in the past being targeted,” said Mark Kelly, a threat researcher focused on Chinese-related threats at Proofpoint.
Photo: Reuters
The previously unreported hacking campaigns were carried out by at least three distinct Chinese-linked groups primarily between March and last month, with some activity likely ongoing, Proofpoint said. They come amid rising restrictions by Washington on exports to China of US-designed chips that are often manufactured in Taiwan. China's chip industry has been working to replace its dwindling supply of sophisticated US chips, especially those used in artificial intelligence.
The researchers declined to identify the hacking targets, but told Reuters that approximately 15 to 20 organizations ranging from small businesses, analysts employed by at least one US-headquartered international bank, and large global enterprises faced attacks.
Major Taiwanese semiconductor firms include Taiwan Semiconductor Manufacturing Co, MediaTek, United Microelectronics Corp, Nanya Technology and RealTek Semiconductor. TSMC declined to comment. MediaTek, UMC, Nanya and RealTek did not respond to requests for comment.
Reuters was unable to identify the specific hacking targets or determine whether any of the efforts were successful.
A spokesperson for the Chinese embassy in Washington told Reuters in an email that cyberattacks “are a common threat faced by all countries, China included,” and that the Asian country “firmly opposes and combats all forms of cyber attacks and cyber crime — a position that is consistent and clear.”
The activity ranged from one or two emails sent as part of the more targeted campaign focused on specific people, to as many as 80 emails when trying to gain information from the company at large, Kelly said.
One group targeted semiconductor design, manufacturing and supply-chain organizations using compromised Taiwanese university email accounts to pose as job seekers and send malware via PDFs with URLs leading to malicious files, or a password-protected archive.
Another targeted financial analysts at major unnamed investment firms focused on the Taiwanese semiconductor industry by posing as a fictitious investment firm and seeking collaboration. Two of the entities are based in Asia, while the third is based in the US. The FBI declined to comment.
A representative of TeamT5, a cybersecurity firm based in Taiwan, told Reuters that it had also seen an increase in emails being sent targeting the semiconductor industry tied to a few hacking groups, “but not a wide or general phenomenon.”
Targeting of semiconductors and the supply chain around them “is a persistent threat that has existed for long,” the representative said, and a “constant interest” for Chinese-related advanced hacking operators.
These groups often target “peripheral suppliers or related industries,” the representative said, such as a situation last month where a China-linked hacking group identified by TeamT5 as "Amoeba" launched a phishing campaign against an unnamed chemical company that plays a critical role in the semiconductor supply chain.
Organizing one national referendum and 26 recall elections targeting Chinese Nationalist Party (KMT) legislators could cost NT$1.62 billion (US$55.38 million), the Central Election Commission said yesterday. The cost of each recall vote ranges from NT$16 million to NT$20 million, while that of a national referendum is NT$1.1 billion, the commission said. Based on the higher estimate of NT$20 million per recall vote, if all 26 confirmed recall votes against KMT legislators are taken into consideration, along with the national referendum on restarting the Ma-anshan Nuclear Power Plant, the total could be as much as NT$1.62 billion, it said. The commission previously announced
The Ministry of Foreign Affairs (MOFA) yesterday welcomed NATO Secretary-General Mark Rutte’s remarks that the organization’s cooperation with Indo-Pacific partners must be deepened to deter potential threats from China and Russia. Rutte on Wednesday in Berlin met German Chancellor Friedrich Merz ahead of a ceremony marking the 70th anniversary of Germany’s accession to NATO. He told a post-meeting news conference that China is rapidly building up its armed forces, and the number of vessels in its navy outnumbers those of the US Navy. “They will have another 100 ships sailing by 2030. They now have 1,000 nuclear warheads,” Rutte said, adding that such
Tropical Storm Nari is not a threat to Taiwan, based on its positioning and trajectory, the Central Weather Administration (CWA) said yesterday. Nari has strengthened from a tropical depression that was positioned south of Japan, it said. The eye of the storm is about 2,100km east of Taipei, with a north-northeast trajectory moving toward the eastern seaboard of Japan, CWA data showed. Based on its current path, the storm would not affect Taiwan, the agency said.
The Taipei Department of Health’s latest inspection of fresh fruit and vegetables sold in local markets revealed a 25 percent failure rate, with most contraventions involving excessive pesticide residues, while two durians were also found to contain heavy metal cadmium at levels exceeding safety limits. Health Food and Drug Division Director Lin Kuan-chen (林冠蓁) yesterday said the agency routinely conducts inspections of fresh produce sold at traditional markets, supermarkets, hypermarkets, retail outlets and restaurants, testing for pesticide residues and other harmful substances. In its most recent inspection, conducted in May, the department randomly collected 52 samples from various locations, with testing showing
RSS