China's Affiliated Hackers Target Attacks That Continue To Increase To Taiwan's Chip Industry

Hackers affiliated with China are increasingly targeting Taiwan's semiconductor industry (photo: x @AdliceSoftware)

JAKARTA China-affiliated hackers are increasingly targeting Taiwan's semiconductor industry and investment analysts as part of a series of cyber espionage campaigns. This was revealed according to a research report on Wednesday, July 16, 2025.

Although hacking to steal industrial data and information is nothing new, researchers from cybersecurity firm Proof reported an increase in the ongoing hacking campaign of several allegedly affiliated hacker groups with China.

"We see entities that have never previously been targeted are now starting to be targeted," said Mark Kelly, a threat researcher focused on Chinese-related threats at Proof, quoted by VOI from Reuters.

The previously unreported hacking campaign was carried out by at least three Chinese-related hacker groups, mainly between March and June 2025, with some activities likely still ongoing, according to Proofpoint.

This attack comes amid rising chip export restrictions from the US that Washington often produces in Taiwan to China. China's chip industry is trying to replace the running low supply of US advanced chips, especially those used for artificial intelligence (AI).

Researchers declined to identify specific targets, but stated that around 15 to 20 organizations, ranging from small businesses, analysts working for at least one US-based international bank, to major global companies, were targeted for attacks.

Taiwan's major semiconductor companies include Taiwan Semiconductor Manufacturing Co (TSMC), MediaTek, United Microelectronics Corp (UMC), Nanya Technology, and RealTek Semiconductor. TSMC declined to comment, while MediaTek, UMC, Nanya, and RealTek did not respond to requests for comment. Reuters was unable to identify specific targets or determine whether the attack was successful.

A spokesman for the Chinese Embassy in Washington said in an email to Reuters that cyberattacks are a common threat facing all countries, including China, and that China firmly opposes and combats all forms of cyberattacks and cybercrime a consistent and clear position.

Hacker Operandi Mode

Hacking activity varies, ranging from one or two emails targeted at certain individuals to 80 emails to obtain information from the company widely, Kelly said.

One group targets semiconductor design, manufacturing and supply organizations using the hacked Taiwan university email account, pretending to be a job seeker, and sending malware through PDF files containing links to malicious files or password-protected archives.

Other groups are targeting financial analysts at unnamed large investment firms, which focus on Taiwan's semiconductor industry, by pretending to be a fictitious investment firm seeking collaboration. Two Asian-based entities, while the third is US-based. The FBI declined to comment.

TeamT5 representatives, Taiwan-based cybersecurity firms, said they also saw an increase in emails targeting the semiconductor industry from several hacker groups, but not a widespread or general phenomenon.

Targeting semiconductors and their supply chains is a continuous threat and has been around for a long time, the representative said, and has become a constant interest' for state-of-the-art hacking operators related to China.

The hacker group often targets peripherals or related industries,' as in the June case when a Chinese-linked hacker group identified by TeamT5 as Amoeba launched a phishing campaign against unnamed chemical companies, which played an important role in semiconductor supply chains.