Tensions between China and Taiwan have led to a significant increase in cyberattacks targeting Taiwan, according to a new report by security experts at Trellix.
In particular, the company found a spike in cyberattacks targeting industries in Taiwan, with the primary goal being to deploy malware and steal confidential information.
“Trellix observed a spike in malicious emails targeting Taiwan from April 7th to April 10th,” the report said.
“Different industries were targeted during the surge, but the most affected industries in each period were Network/IT, Manufacturing and Logistics.”
Additionally, Trellix observed a significant increase in extortion emails targeting Taiwanese government officials.
“While it is unclear whether this activity was attributed to China-backed actors, it speaks to the continued rise in attacks specifically targeting Taiwan.”
Trellix researchers identified email campaigns using many types of malicious emails, including fake overdue notices, bogus shipping notices purporting to come from reputable companies like DHL, and fraudulent quote request emails containing malware-laden attachments.
Additionally, attackers use phishing pages and malicious URLs to trick users into revealing their login details.
One notable piece of malware observed during these attacks is PlugX, a Remote Access Trojan (RAT) commonly associated with Chinese Advanced Persistent Threat (APT) groups.
Trellix also reported instances of other malware families such as Kryptik, Zmutzy, and Formbook.
“It is important that everyone stay vigilant and take necessary precautions to protect themselves from potential breaches,” the report said.
“This includes adopting cybersecurity best practices and staying informed about the latest threats.”
The Trellix report comes almost a year after Taiwan experienced a distributed denial of service (DDoS) attack on a government website following a visit by a senior U.S. lawmaker.