China Hackers Test AI-Optimized Attack Chains in Taiwan - Dark Reading
AI might help some threat actors in certain respects, but one group is proving that its use for cyberattacks has its limits.

Nate Nelson, Contributing Writer
October 16, 2025
Image source: Ascannio via Alamy Stock Photo

A Chinese threat actor has been testing out whether artificial intelligence (AI) can enhance its cyberattacks against Taiwan.

The AI revolution in cyber threats has been long heralded though little observed. For some years now, prognosticators have been warning that AI-generated malware, exploitation techniques, even full attack chains are right around the corner. In that time, though, there has been only scattered evidence of AI helping threat actors with much beyond research, very basic coding, and prosaic phishing emails.

In an October update on its efforts to secure its own technology from threat actors, OpenAI took ample room to discuss "UNK_DropPitch," a Chinese state-aligned threat actor. DropPitch has been trying to match the AI hype, using ChatGPT and a bit of DeepSeek to generate phishing emails and enhance its backdoor malware.

In a report shared exclusively with Dark Reading, Proofpoint revealed the results of DropPitch's experiment with ChatGPT: unqualified failure.

"You're seeing some state-aligned actors use AI in different ways," Alexis Dorais-Joncas, senior manager of threat research for Proofpoint, told a room of reporters at the company's Predict 2025 conference in Nashville. In the case of DropPitch, he said, "the results were questionable at best. Terrible-looking phishing emails. So you know, AI used by incompetent people will lead to incompetent results."

DropPitch Cyberattacks Target Taiwanese Orgs

DropPitch is low down the pecking order among Chinese state-associated threat actors, perhaps more creative than sophisticated.

In April and May 2025, it was observed attacking the Taiwanese semiconductor industry. Rather than manufacturers, or government or defense agencies, though, it went after major investment firms in Taiwan's semiconductor space. That was a circuitous way to undermine the country, and if not for its tactics, techniques, and procedures (TTPs), DropPitch was at least remarkable in that regard.

The researchers now report that, following their initial batch of research, DropPitch activity increased "significantly." Its attacks became higher-volume and persistent — pestering the same targets week after week, and sometimes many times in the same day. Its target list also expanded. In June and July, the group targeted the finance and semiconductor sectors, academics, and think tanks, in both Taiwan and the US. OpenAI also saw targeting of other organizations associated with ethnic and political groups critical of the Chinese Communist Party (CCP).

In retrospect, the attackers were probably able to do so much more by leaning heavily on ChatGPT.

A ChatGPT (De-)Optimized Cyberattack

Like other threat actors before it, DropPitch used ChatGPT to generate phishing emails. The aim was to design emails in a variety of languages that appeared to come from personas relevant to their target audience. For example, researchers seeking collaboration was a common theme.

Some of the resulting emails victims received were downright inexplicable. In some cases, the body of the email was written three times over in three different languages. Some included mismatched or obviously scammy contact details, email signatures, and metadata. Their content sometimes didn't match the occasion, like the one pretending to come from Pornhub's casting team. Other times, the email and the malicious document attached didn't align.

The hackers also asked ChatGPT for help optimizing their rudimentary custom backdoor, "HealthKick." They wanted snippets of code that could help gather information from victim machines, run PowerShell scripts, and make their code more evasive. They conversed with the AI at length about using AES to secure their command-and-control (C2) traffic, and asked for code that would help them upgrade their C2 traffic from WebSockets and HTTP to secure WebSockets and HTTPS. They also asked for help integrating open source (OSS) scanning tools.

At one point, the hackers explored how they might use AI to automatically analyze Web content, generate a list of emails belonging to their targets, and tailor content to target them with. But ChatGPT stopped short of offering overtly nefarious advice of that kind, or any uniquely malicious code that would help. Comically, the threat actors then asked it whether DeepSeek could help them instead.

As with the emails, the resulting backdoor came out with…quirks. Its C2 protocol was bespoke but very basic, it used two separate sets of fake TLS headers for no discernible reason, and the archive files it came packaged in also sometimes contained totally random and purposeless audio and video recordings, explicit images, and nonsensical text files.

DropPitch Drops ChatGPT as a Conduit

DropPitch's own feelings and takeaways from its AI experiment were revealed when it switched tactics yet again, late in July. Since then the group's activity has slowed down again, its phishing emails have returned to normal, and it is now trying to engage victims person-to-person before infecting them with malware. In other words, it is going back to old, tried-and-true TTPs.

In the end, DropPitch is perhaps the most obvious case study in a recently obvious phenomenon: that threat actors just aren't weaponizing AI like we thought they would.

"There is a fundamental conundrum when it comes to AI, and it's not just a cybersecurity problem, it's a unilateral problem across all industries," argues Daniel Blackford, vice president of threat research at Proofpoint. In essence, businesses are facing the same problem the hackers are. "We have visible, tangible evidence of the capability of the technology to perform certain functions and recognize that it will be transformational, we have some imagination for ways that transformation could proceed, but the transformation hasn't been fully realized yet. And it's not even necessarily easy to speak to more than a handful of immediate (tactical) changes a business can make, to then forecast from there directions the technology could go."

In other words, whether in cyber campaigns or product marketing campaigns, "transformational" and "game-changing" AI is still largely theoretical.

Blackford adds that hackers are likely to trail businesses in AI adoption, because "to some extent threat actors are by definition forced into the same limitations as their intended victim set. You can't jailbreak or poison or reverse engineer an agent or MCP server full of agents until those things are actually deployed and made accessible in the environments of the victims an actor gains access to."

"The rate of evolution of the models is breakneck," he says, so the landscape could shift at any moment. "However, the models are tools, not exhaustive application of tools or outcomes."