"Cyber Warfare Escalates Amid China-Taiwan Tensions"

According to security researchers at Trellix, China–Taiwan tensions have led to a significant increase in cyberattacks targeting Taiwan.  The researchers spotted a surge in cyberattacks aimed at Taiwanese industries, with the primary goal of deploying malware and stealing sensitive information.  The researchers stated that they observed a surge in malicious emails targeted toward Taiwan, starting April 7 and continuing until April 10.  The number of malicious emails during this time increased to over four times the usual amount.  The researchers noted that although various industries were targeted during the surge, the most impacted industries in the respective time frame were networking/IT, manufacturing, and logistics.  Moreover, the researchers observed a significant rise in extortion emails targeting Taiwan government officials.  The researchers stated that though it’s unclear if this activity is from China-backed threat actors, it speaks to a continued increase in attacks specifically targeting Taiwan.  The researchers identified different types of malicious email campaigns, including false payment overdue notifications, fake shipment notifications from reputable companies like DHL, and fraudulent quotation request emails that contain malware-laden attachments.  Additionally, attackers have employed phishing pages and harmful URLs to trick users into revealing their login details.  One notable malware observed during these attacks is PlugX, a Remote Access Trojan (RAT) commonly associated with Chinese Advanced Persistent Threat (APT) groups.  The researchers also saw other malware families being used, such as Kryptik, Zmutzy, and Formbook.

Infosecurity reports: "Cyber Warfare Escalates Amid China-Taiwan Tensions"