A surge in targeted cyberattacks linked to Chinese state-sponsored hacker groups has been observed since spring 2025, with key Taiwanese semiconductor companies becoming primary targets. These attacks aim to steal critical technologies vital for the development of artificial intelligence systems, reports Baltimore Chronicle citing a cybersecurity report by Proofpoint.
According to Proofpoint researchers, at least three hacker groups believed to be tied to the Chinese government carried out coordinated attacks against firms engaged in chip design, manufacturing, and supply. Among the companies targeted were Taiwan Semiconductor Manufacturing Company (TSMC), MediaTek, United Microelectronics Corporation, Nanya Technology, and Realtek Semiconductor.
These attacks coincide with the tightening of U.S. export controls on advanced U.S.-made semiconductors bound for China, particularly those used in AI applications.
Mark Kelley’s threat intelligence team at Proofpoint noted that recent campaigns have expanded their scope to include organizations that had not previously been targeted. One hacker group reportedly conducted phishing campaigns using compromised accounts from Taiwanese universities. Disguised as job seekers, they delivered malware through infected PDF files or encrypted archives.
Another group posed as an investment firm offering collaboration opportunities. Through extended correspondence with analysts, they attempted to infect recipients’ systems via malicious email attachments.
Earlier we wrote that Israeli hackers breach Iran’s Nobitex cryptocurrency exchange.