Threat Intelligence, Network Security

Taiwan targeted by suspected Chinese cyberespionage campaign


At least 75 government, diplomatic, technology, and academic organizations across Taiwan were targeted for reconnaissance from November 2023 to April 2024 as part of a cyberespionage operation by the suspected Chinese state-backed threat operation RedJuliett, also known as Ethereal Panda and Flax Typhoon, The Hacker News reports.

Attacks by RedJuliett also successfully compromised two dozen entities around the world during the same period, including government organizations in Kenya, Laos, and Rwanda, an analysis from Recorded Future's Insikt Group showed. Intrusions involved the use of the open-source SoftEther software in infiltrated networks, followed by the distribution of the China Chopper, Godzilla, AntSword, and devilzShell web shells. "RedJuliett, like many other Chinese threat actors, is likely targeting vulnerabilities in internet-facing devices because these devices have limited visibility and security solutions available, and targeting them has proven to be an effective way to scale initial access," said researchers. While the report noted RedJuliett's interest in gathering intelligence on Taiwan's diplomatic relations and trade policy, China regarded the findings as "fabricated disinformation."
