Taiwanese semiconductor companies and related organizations are being targeted by Chinese state-sponsored threat actors using sophisticated spear-phishing campaigns. These cyber espionage activities aim to gather strategic intelligence related to semiconductor design, manufacturing, and investment sectors. #UNK_FistBump #AP41 #SaltTyphoon
Keypoints
- Chinese threat actors UNK_FistBump, UNK_DropPitch, and UNK_SparkyCarp conducted spear-phishing campaigns targeting Taiwanese semiconductor entities.
- Activities include the delivery of Cobalt Strike, Voldemort backdoor, and HealthKick DLL payloads for cyber espionage purposes.
- Attackers employed various social engineering techniques, such as employment-themed emails and credential phishing, to infiltrate target networks.
- Salt Typhoon has infiltrated a U.S. stateβs National Guard, collecting sensitive military and infrastructure data over a prolonged period.
- Exploitation of known vulnerabilities in Cisco and Palo Alto Networks devices facilitated initial access for several threat groups.
Read More: https://thehackernews.com/2025/07/chinese-hackers-target-taiwans.html