China's Cyber Chaos: Smishing Tsunamis, AI Arms Races, and Luxury Hacks Galore! episode artwork

EPISODE · Aug 6, 2025 · 6 MIN

China's Cyber Chaos: Smishing Tsunamis, AI Arms Races, and Luxury Hacks Galore!

from Digital Dragon Watch: Weekly China Cyber Alert · host Inception Point AI

This is your Digital Dragon Watch: Weekly China Cyber Alert podcast. Hey listeners, Ting here on Digital Dragon Watch, and if you’ve got nerves of steel, you’ll need them—China cyber action this week has been more electrifying than a high-voltage power grid, and almost as unpredictable. Buckle up: we’re jumping straight into the breach. First up, the smishing tsunami that’s swept through the United States—security researchers just exposed an advanced network of Chinese-speaking cyber syndicates running large-scale attacks targeting digital wallets. These aren’t your garden variety phishing texts: these attacks exploit mobile wallets like Apple Pay and Google Wallet by bypassing multi-factor authentication entirely, using platforms like Lighthouse and phishing-as-a-service kits driven by cyber kingpins with aliases like “Lao Wang.” What’s wild? They’re turning pilfered card data into tokenized assets, then provisioning those cards onto attacker-controlled devices for seamless, legitimate-looking purchases—think contactless fraud that slips right past most defenses. We are talking about 115 million US cards exposed, all via slick SMS campaigns pretending to be everything from toll payment reminders to USPS notifications. Rockstar cybercrooks like Darcula, XinXin, and Panda Shop are all in on this action. Now, in a show of corporate whack-a-mole, Chinese threat actors Linen Typhoon and Violet Typhoon, along with the infamous Storm-2603, exploited not one but a series of SharePoint zero-days. Wouldn’t you know, these bugs were patched by Microsoft’s China-based code team…but the vulnerabilities started being exploited literally a day before the patch went public. Espionage and ransomware? Both, confirmed. These attackers aim for intellectual property theft, espionage, and are increasingly deploying Warlock ransomware. It’s got the Office of the Director of National Intelligence declaring China the “most active and persistent” cyber threat facing both US government and private sector critical infrastructure. Meanwhile, supply chain anxieties are reaching a fever pitch. The US just launched a Section 232 national security investigation into Chinese unmanned aircraft systems—think drones by DJI and Autel Robotics—amid legitimate fears they’re not just flying gadgets but reconnaissance platforms. There’s real concern over hacking, data theft, and China’s ability to weaponize its ridiculous dominance in the US drone market to cause havoc, from emergency response right up to military assets. Switching gears, luxury gets hacked—Chanel just confirmed unauthorized access to their US client database, piggybacking a similar breach at Dior in China. While the impact was limited to contact details, no malware was injected, and operations are unaffected, it’s yet another painful reminder that no one’s data is off-limits. Chanel’s incident response involved A-list cybersecurity experts and quick client notifications. The AI arms race also hit turbo this week. This content was created in partnership and with the help of Artificial Intelligence AI.

This is your Digital Dragon Watch: Weekly China Cyber Alert podcast. Hey listeners, Ting here on Digital Dragon Watch, and if you’ve got nerves of steel, you’ll need them—China cyber action this week has been more electrifying than a high-voltage power grid, and almost as unpredictable. Buckle up: we’re jumping straight into the breach. First up, the smishing tsunami that’s swept through the United States—security researchers just exposed an advanced network of Chinese-speaking cyber syndicates running large-scale attacks targeting digital wallets. These aren’t your garden variety phishing texts: these attacks exploit mobile wallets like Apple Pay and Google Wallet by bypassing multi-factor authentication entirely, using platforms like Lighthouse and phishing-as-a-service kits driven by cyber kingpins with aliases like “Lao Wang.” What’s wild? They’re turning pilfered card data into tokenized assets, then provisioning those cards onto attacker-controlled devices for seamless, legitimate-looking purchases—think contactless fraud that slips right past most defenses. We are talking about 115 million US cards exposed, all via slick SMS campaigns pretending to be everything from toll payment reminders to USPS notifications. Rockstar cybercrooks like Darcula, XinXin, and Panda Shop are all in on this action. Now, in a show of corporate whack-a-mole, Chinese threat actors Linen Typhoon and Violet Typhoon, along with the infamous Storm-2603, exploited not one but a series of SharePoint zero-days. Wouldn’t you know, these bugs were patched by Microsoft’s China-based code team…but the vulnerabilities started being exploited literally a day before the patch went public. Espionage and ransomware? Both, confirmed. These attackers aim for intellectual property theft, espionage, and are increasingly deploying Warlock ransomware. It’s got the Office of the Director of National Intelligence declaring China the “most active and persistent” cyber threat facing both US government and private sector critical infrastructure. Meanwhile, supply chain anxieties are reaching a fever pitch. The US just launched a Section 232 national security investigation into Chinese unmanned aircraft systems—think drones by DJI and Autel Robotics—amid legitimate fears they’re not just flying gadgets but reconnaissance platforms. There’s real concern over hacking, data theft, and China’s ability to weaponize its ridiculous dominance in the US drone market to cause havoc, from emergency response right up to military assets. Switching gears, luxury gets hacked—Chanel just confirmed unauthorized access to their US client database, piggybacking a similar breach at Dior in China. While the impact was limited to contact details, no malware was injected, and operations are unaffected, it’s yet another painful reminder that no one’s data is off-limits. Chanel’s incident response involved A-list cybersecurity experts and quick client notifications. The AI arms race also hit turbo this week. This content was created in partnership and with the help of Artificial Intelligence AI.

NOW PLAYING

China's Cyber Chaos: Smishing Tsunamis, AI Arms Races, and Luxury Hacks Galore!

0:00 6:51

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

No similar episodes found.

No similar podcasts found.

Frequently Asked Questions

How long is this episode of Digital Dragon Watch: Weekly China Cyber Alert?

This episode is 6 minutes long.

When was this Digital Dragon Watch: Weekly China Cyber Alert episode published?

This episode was published on August 6, 2025.

What is this episode about?

This is your Digital Dragon Watch: Weekly China Cyber Alert podcast. Hey listeners, Ting here on Digital Dragon Watch, and if you’ve got nerves of steel, you’ll need them—China cyber action this week has been more electrifying than a high-voltage...

Can I download this Digital Dragon Watch: Weekly China Cyber Alert episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!