The Reveal Platform
Intel Name: Threat group targets companies in taiwan
Date of Scan: June 18, 2025
Impact: Medium
Summary: In early 2025, a threat group launched a targeted malware campaign against users in Taiwan, distributing the Winos 4.0 malware via phishing emails disguised as official messages from Taiwan’s National Taxation Bureau. By March 2025, the campaign expanded to include links reused from previous attacks. The group also deployed variants of the HoldingHands RAT (also known as Gh0stBins), typically delivered through ZIP file attachments in phishing emails. This ongoing campaign highlights a persistent effort to compromise organizations in Taiwan using evolving malware tactics.
