Phish and Chips: China-Aligned Espionage Actors Ramp Up Taiwan Semiconductor Industry Targeting

SUMMARY :

Between March and June 2025, three Chinese state-sponsored threat actors conducted targeted phishing campaigns against the Taiwanese semiconductor industry. The campaigns targeted organizations involved in semiconductor manufacturing, design, testing, supply chain, and financial analysis. This activity likely reflects China's strategic priority to achieve semiconductor self-sufficiency and decrease reliance on international supply chains. The threat actors used various tactics including job application lures, investment collaboration pitches, and credential phishing. They deployed custom malware like Voldemort backdoor and HealthKick, as well as tools like Cobalt Strike. The targeting extended beyond semiconductor companies to include financial analysts specializing in the Taiwanese semiconductor market, indicating comprehensive intelligence collection efforts across the sector.

OPENCTI LABELS :

cobalt strike,espionage,phishing,sparkrat,voldemort,semiconductor,unk_droppitch,unk_sparkycarp,unk_fistbump,healthkick


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


Phish and Chips: China-Aligned Espionage Actors Ramp Up Taiwan Semiconductor Industry Targeting