Investment banks in the crosshairs
A second group, UNK_DropPitch, targeted the financial ecosystem surrounding Taiwan’s semiconductor industry. This group conducted phishing campaigns against investment banks, focusing on individuals specializing in Taiwanese semiconductor analysis. The phishing emails purported to come from fictitious financial firms seeking collaboration opportunities.
The third group, UNK_SparkyCarp, focused on credential harvesting through sophisticated phishing kits using custom adversary-in-the-middle frameworks targeting Taiwanese semiconductor companies, with emails masquerading as account login security warnings.
The targeting pattern reveals China’s comprehensive approach to intelligence gathering. Rawat noted that the espionage focus extends beyond traditional chipmakers to include “testing firms, supply chain players, and even financial analysts, indicating a broad attempt to map the full value chain and anticipate market dynamics.”
