Summary: Hackers linked to China-based groups, especially UAT-5918, are targeting critical infrastructure in Taiwan to gain long-term access and steal sensitive information. This malicious activity aligns with tactics used by other state-backed groups, such as Volt Typhoon and Flax Typhoon, which have been known to exploit vulnerabilities in internet-facing systems. The U.S. has heightened its scrutiny of these cyber threats amid rising tensions between China and Taiwan.
Affected: Taiwan’s critical infrastructure and related organizations
Key points:
- UAT-5918 targets Taiwan’s telecommunications, healthcare, and IT sectors.
- Hackers exploit vulnerabilities in web and application servers to gain network access.
- Flax Typhoon and Volt Typhoon are known for similar espionage tactics and have global targets.
- The FBI has intervened in Flax Typhoon’s operations, removing malware and controlling botnet infrastructure.
- China’s military has accused individuals in Taiwan of cyberattacks against the mainland.
- ESET’s report links another campaign, Operation FishMedley, to the same pattern of Chinese state-backed activities.
Source: https://therecord.media/taiwan-critical-infrastructure-hacking-uat-5918