Chinese Officials Reveal Taiwanese Hacker Attacks: Relatively Low Level

After a major cyber attack on a Guangzhou technology company by a Taiwanese hacker group, police investigations reveal a broader pattern of attacks targeting key network systems across mainland China. The attackers employ low-level techniques but continue to escalate their efforts, posing significant risks to sensitive sectors.
May 27, 2025

After a local technology company was attacked by an overseas hacker organization, Guangzhou police organized a technical team to analyze the attack program and system logs. The initial finding was that the attack was conducted by a hacker group nurtured by the Democratic Progressive Party authorities of Taiwan.

On May 20th, a police report from Guangzhou’s Tianhe District Police Station stated that following the attack, the authorities immediately collected attack program samples, secured related evidence, and organized a professional technical team for source tracing.

According to the police investigation, the Taiwanese hacker group has frequently used open network asset monitoring platforms in recent years to conduct large-scale network asset probes across more than 10 provinces in mainland China, targeting more than 1,000 key network systems (including military, energy, hydropower, transportation, and government sectors). The group collected basic system information and technical intelligence, then carried out multiple rounds of cyber attacks using phishing emails, exploitation of public vulnerabilities, brute-force password attacks, and simple Trojan programs. Notably, since last year, the scale and frequency of their attacks against domestic targets have significantly increased, showing clear malicious intent.

Technical experts highlight that this Taiwanese hacker group demonstrates low technical proficiency, with simple and crude attack methods. Their self-made Trojan programs are poorly written and leave behind traceable clues, which aid the police in identifying the perpetrators and locating their internet access points.

Technical analysis reveals that the group frequently used VPNs, overseas cloud hosts, and bot machines, executing attacks through numerous IP addresses from countries such as the USA, France, South Korea, Japan, the Netherlands, Israel, and Poland to conceal the true origin of the attacks. Despite this, thorough network investigation uncovers the entire process and real intentions of these attacks.

Editor: Zhongxiaowen
