Chinese-linked hackers have intensified cyber-espionage efforts against Taiwan’s semiconductor industry and financial analysts, conducting coordinated attacks between March and June 2025, with some operations still ongoing. Reuters reports that cybersecurity firm Proofpoint has attributed the activity to at least three previously undocumented China-aligned groups—UNK_FistBump, UNK_DropPitch, and UNK_SparkyCarp—while a fourth group, UNK_ColtCentury (also tracked as TAG-100 or Storm-2077), attempted to build trust with its targets before deploying a remote access trojan (RAT) known as Spark. These attacks are believed to be part of Beijing’s long-term push for semiconductor self-sufficiency, driven by U.S. export restrictions and Taiwan’s dominance in advanced chip manufacturing. The hackers have focused on organizations involved in semiconductor design, manufacturing, testing, and supply chains, as well as investment analysts tracking Taiwan’s semiconductor sector. Proofpoint estimates that 15 to 20 organizations were targeted, ranging from medium-sized businesses to major global enterprises, along with analysts at at least one U.S.-headquartered international bank. While Taiwan’s major chipmakers, including TSMC, MediaTek, UMC, Nanya, and RealTek, declined or did not respond to comment, Reuters has been unable to confirm which firms were breached or whether any of the attacks succeeded. The group says that in all cases, the motive “was most likely espionage.”

Full report : Chinese state-sponsored cyberattacks target Taiwan semiconductor industry.