Chinese Threat Actors Target Taiwan’s Semiconductor Industry

Chinese Threat Actors Target Taiwan’s Semiconductor Industry

Researchers from cybersecurity company Proofpoint have released new insights uncovering a significant escalation in China-aligned cyber espionage operations targeting Taiwan’s critical semiconductor industry. The findings reveal a concerted and expanding effort by multiple state-sponsored threat actors to infiltrate and gather intelligence from this vital sector which could have some impact on Australian businesses.

Between March and June 2025, Proofpoint’s Threat Researchers observed at least three distinct China-aligned threat actors – UNK_FistBump, UNK_DropPitch, and UNK_SparkyCarp – conducting highly targeted phishing campaigns against a wide array of Taiwanese semiconductor entities. This includes manufacturers, designers, testing facilities, supply chain partners, and even financial investment analysts specialising in the market.

Key findings include:

  • Campaigns spanning the entire semiconductor ecosystem, from core manufacturing to specialised financial analysis, indicating a comprehensive intelligence gathering mandate.
  • Threat actors leveraging employment-themed lures, fictitious collaboration proposals, and credential phishing, often using compromised university accounts or custom Adversary-in-the-Middle (AiTM) frameworks.
  • Observations of the deployment of custom backdoors like Voldemort and HealthKick, alongside the use of legitimate tools for persistence and remote access, showcasing the adaptability of these groups.
  • The analysis revealed shared infrastructure patterns, including the use of Russian VPS providers and SoftEther VPN servers, offering clues into the operational security of these state-backed groups.

While the motivation for the highlighted campaigns is likely espionage, for Australian companies that rely on global tech supply chains, they should be taking the specific due diligence step of prioritising understanding any business risk they may face as a result of intellectual property theft from Taiwanese semiconductor companies.

Notably, this surge in activity also likely reflects China’s strategic imperative to achieve semiconductor self-sufficiency and reduce its reliance on international supply chains, especially considering recent US and Taiwanese export controls.




Source link