TAIPEI (Taiwan News) — Chinese state-run media on Tuesday alleged that a hacker group tied to Taiwan's ruling party was responsible for cyberattacks on an unnamed Guangzhou tech firm. 

The Global Times, citing a May 20 bulletin from Guangzhou police, reported that a foreign hacker group had launched the attacks, per CNA. Preliminary investigations linked them to a group allegedly backed by the DPP.

Chinese police alleged that the hackers targeted over 1,000 critical network systems across more than 10 provinces, affecting defense, energy, hydropower, transportation, and government. They reportedly conducted extensive reconnaissance, collecting basic system data and technical intelligence.

In successive cyberattacks, the group allegedly used phishing emails, exploitation of publicly known vulnerabilities, brute-force password attempts, and simple homemade Trojans. A technical analysis found they used VPNs, overseas cloud servers, and botnets to route attacks through IP addresses in countries including the US, France, South Korea, Japan, the Netherlands, Israel, and Poland.

Chinese authorities said the scale and frequency of attacks from the Taiwanese group have increased since 2024. They claimed the intrusions showed “clear intentions of disruption and sabotage, reflecting extremely malicious intent."

China’s Ministry of State Security claimed that Taiwan’s Ministry of National Defense's Information, Communications and Electronic Force Command has launched cyberattacks against Chinese networks, including operations by a hacker group known as “Anonymous 64,” per CNA. In March, China claimed it identified four active ICEFCOM members and uncovered dozens of cyberattack platforms allegedly used by the unit.

The ICEFCOM said China misrepresented publicly available online images to fabricate baseless accusations. The command added that these claims reflect an aggressive mentality aimed at intimidating and coercing Taiwanese.