EPISODE · Aug 6, 2025 · 6 MIN
China's Cyber Chaos: Smishing Tsunamis, AI Arms Races, and Luxury Hacks Galore!
from Digital Dragon Watch: Weekly China Cyber Alert · host Inception Point AI
This is your Digital Dragon Watch: Weekly China Cyber Alert podcast. Hey listeners, Ting here on Digital Dragon Watch, and if you’ve got nerves of steel, you’ll need them—China cyber action this week has been more electrifying than a high-voltage power grid, and almost as unpredictable. Buckle up: we’re jumping straight into the breach. First up, the smishing tsunami that’s swept through the United States—security researchers just exposed an advanced network of Chinese-speaking cyber syndicates running large-scale attacks targeting digital wallets. These aren’t your garden variety phishing texts: these attacks exploit mobile wallets like Apple Pay and Google Wallet by bypassing multi-factor authentication entirely, using platforms like Lighthouse and phishing-as-a-service kits driven by cyber kingpins with aliases like “Lao Wang.” What’s wild? They’re turning pilfered card data into tokenized assets, then provisioning those cards onto attacker-controlled devices for seamless, legitimate-looking purchases—think contactless fraud that slips right past most defenses. We are talking about 115 million US cards exposed, all via slick SMS campaigns pretending to be everything from toll payment reminders to USPS notifications. Rockstar cybercrooks like Darcula, XinXin, and Panda Shop are all in on this action. Now, in a show of corporate whack-a-mole, Chinese threat actors Linen Typhoon and Violet Typhoon, along with the infamous Storm-2603, exploited not one but a series of SharePoint zero-days. Wouldn’t you know, these bugs were patched by Microsoft’s China-based code team…but the vulnerabilities started being exploited literally a day before the patch went public. Espionage and ransomware? Both, confirmed. These attackers aim for intellectual property theft, espionage, and are increasingly deploying Warlock ransomware. It’s got the Office of the Director of National Intelligence declaring China the “most active and persistent” cyber threat facing both US government and private sector critical infrastructure. Meanwhile, supply chain anxieties are reaching a fever pitch. The US just launched a Section 232 national security investigation into Chinese unmanned aircraft systems—think drones by DJI and Autel Robotics—amid legitimate fears they’re not just flying gadgets but reconnaissance platforms. There’s real concern over hacking, data theft, and China’s ability to weaponize its ridiculous dominance in the US drone market to cause havoc, from emergency response right up to military assets. Switching gears, luxury gets hacked—Chanel just confirmed unauthorized access to their US client database, piggybacking a similar breach at Dior in China. While the impact was limited to contact details, no malware was injected, and operations are unaffected, it’s yet another painful reminder that no one’s data is off-limits. Chanel’s incident response involved A-list cybersecurity experts and quick client notifications. The AI arms race also hit turbo this week. This content was created in partnership and with the help of Artificial Intelligence AI.
What this episode covers
This is your Digital Dragon Watch: Weekly China Cyber Alert podcast. Hey listeners, Ting here on Digital Dragon Watch, and if you’ve got nerves of steel, you’ll need them—China cyber action this week has been more electrifying than a high-voltage power grid, and almost as unpredictable. Buckle up: we’re jumping straight into the breach. First up, the smishing tsunami that’s swept through the United States—security researchers just exposed an advanced network of Chinese-speaking cyber syndicates running large-scale attacks targeting digital wallets. These aren’t your garden variety phishing texts: these attacks exploit mobile wallets like Apple Pay and Google Wallet by bypassing multi-factor authentication entirely, using platforms like Lighthouse and phishing-as-a-service kits driven by cyber kingpins with aliases like “Lao Wang.” What’s wild? They’re turning pilfered card data into tokenized assets, then provisioning those cards onto attacker-controlled devices for seamless, legitimate-looking purchases—think contactless fraud that slips right past most defenses. We are talking about 115 million US cards exposed, all via slick SMS campaigns pretending to be everything from toll payment reminders to USPS notifications. Rockstar cybercrooks like Darcula, XinXin, and Panda Shop are all in on this action. Now, in a show of corporate whack-a-mole, Chinese threat actors Linen Typhoon and Violet Typhoon, along with the infamous Storm-2603, exploited not one but a series of SharePoint zero-days. Wouldn’t you know, these bugs were patched by Microsoft’s China-based code team…but the vulnerabilities started being exploited literally a day before the patch went public. Espionage and ransomware? Both, confirmed. These attackers aim for intellectual property theft, espionage, and are increasingly deploying Warlock ransomware. It’s got the Office of the Director of National Intelligence declaring China the “most active and persistent” cyber threat facing both US government and private sector critical infrastructure. Meanwhile, supply chain anxieties are reaching a fever pitch. The US just launched a Section 232 national security investigation into Chinese unmanned aircraft systems—think drones by DJI and Autel Robotics—amid legitimate fears they’re not just flying gadgets but reconnaissance platforms. There’s real concern over hacking, data theft, and China’s ability to weaponize its ridiculous dominance in the US drone market to cause havoc, from emergency response right up to military assets. Switching gears, luxury gets hacked—Chanel just confirmed unauthorized access to their US client database, piggybacking a similar breach at Dior in China. While the impact was limited to contact details, no malware was injected, and operations are unaffected, it’s yet another painful reminder that no one’s data is off-limits. Chanel’s incident response involved A-list cybersecurity experts and quick client notifications. The AI arms race also hit turbo this week. This content was created in partnership and with the help of Artificial Intelligence AI.
NOW PLAYING
China's Cyber Chaos: Smishing Tsunamis, AI Arms Races, and Luxury Hacks Galore!
No transcript for this episode yet
Similar Episodes
No similar episodes found.
Similar Podcasts
No similar podcasts found.