{"id":17387,"date":"2025-08-29T13:12:00","date_gmt":"2025-08-29T13:12:00","guid":{"rendered":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/29\/abandoned-sogou-zhuyin-update-server-hijacked-weaponized-in-taiwan-espionage-campaign-infothehackernews-com-the-hacker-news\/"},"modified":"2025-08-29T13:12:00","modified_gmt":"2025-08-29T13:12:00","slug":"abandoned-sogou-zhuyin-update-server-hijacked-weaponized-in-taiwan-espionage-campaign-infothehackernews-com-the-hacker-news","status":"publish","type":"post","link":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/29\/abandoned-sogou-zhuyin-update-server-hijacked-weaponized-in-taiwan-espionage-campaign-infothehackernews-com-the-hacker-news\/","title":{"rendered":"Abandoned Sogou Zhuyin Update Server Hijacked, Weaponized in Taiwan Espionage Campaign info@thehackernews.com (The Hacker News)"},"content":{"rendered":"<p>An abandoned update server associated with input method editor (IME) software Sogou Zhuyin was leveraged by threat actors as part of an espionage campaign to deliver several malware families, including C6DOOR and GTELAM, in attacks primarily targeting users across Eastern Asia.<br \/>\n&#8220;Attackers employed sophisticated infection chains, such as hijacked software updates and fake cloud storage or login<a href=\"https:\/\/thehackernews.com\/2025\/08\/abandoned-sogou-zhuyin-update-server.html\" target=\"_blank\" class=\"feedzy-rss-link-icon\">Read More<\/a>\u00a0<\/p>","protected":false},"excerpt":{"rendered":"<p>An abandoned update server associated with input method editor (IME) software Sogou Zhuyin was leveraged by threat actors as part of an espionage campaign to deliver several malware families, including C6DOOR and GTELAM, in attacks primarily targeting users across Eastern Asia. &#8220;Attackers employed sophisticated infection chains, such as hijacked software updates and fake cloud storage [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":17388,"comment_status":"","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-17387","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"aioseo_notices":[],"aioseo_head":"\n\t\t<!-- All in One SEO 4.9.8 - aioseo.com -->\n\t<meta name=\"description\" content=\"An abandoned update server associated with input method editor (IME) software Sogou Zhuyin was leveraged by threat actors as part of an espionage campaign to deliver several malware families, including C6DOOR and GTELAM, in attacks primarily targeting users across Eastern Asia. &quot;Attackers employed sophisticated infection chains, such as hijacked software updates and fake cloud storage\" \/>\n\t<meta name=\"robots\" content=\"max-image-preview:large\" \/>\n\t<meta name=\"author\" content=\"admin\"\/>\n\t<link rel=\"canonical\" href=\"https:\/\/sekuritasit.com\/index.php\/2025\/08\/29\/abandoned-sogou-zhuyin-update-server-hijacked-weaponized-in-taiwan-espionage-campaign-infothehackernews-com-the-hacker-news\/\" \/>\n\t<meta name=\"generator\" content=\"All in One SEO (AIOSEO) 4.9.8\" \/>\n\t\t<meta property=\"og:locale\" content=\"en_US\" \/>\n\t\t<meta property=\"og:site_name\" content=\"Sekuritas IT \u203a Creative solutions to unique challenges.\" \/>\n\t\t<meta property=\"og:type\" content=\"article\" \/>\n\t\t<meta property=\"og:title\" content=\"Abandoned Sogou Zhuyin Update Server Hijacked, Weaponized in Taiwan Espionage Campaign info@thehackernews.com (The Hacker News) \u203a Sekuritas IT\" \/>\n\t\t<meta property=\"og:description\" content=\"An abandoned update server associated with input method editor (IME) software Sogou Zhuyin was leveraged by threat actors as part of an espionage campaign to deliver several malware families, including C6DOOR and GTELAM, in attacks primarily targeting users across Eastern Asia. &quot;Attackers employed sophisticated infection chains, such as hijacked software updates and fake cloud storage\" \/>\n\t\t<meta property=\"og:url\" content=\"https:\/\/sekuritasit.com\/index.php\/2025\/08\/29\/abandoned-sogou-zhuyin-update-server-hijacked-weaponized-in-taiwan-espionage-campaign-infothehackernews-com-the-hacker-news\/\" \/>\n\t\t<meta property=\"article:published_time\" content=\"2025-08-29T13:12:00+00:00\" \/>\n\t\t<meta property=\"article:modified_time\" content=\"2025-08-29T13:12:00+00:00\" \/>\n\t\t<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/profile.php?id=100086973577423\" \/>\n\t\t<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n\t\t<meta name=\"twitter:title\" content=\"Abandoned Sogou Zhuyin Update Server Hijacked, Weaponized in Taiwan Espionage Campaign info@thehackernews.com (The Hacker News) \u203a Sekuritas IT\" \/>\n\t\t<meta name=\"twitter:description\" content=\"An abandoned update server associated with input method editor (IME) software Sogou Zhuyin was leveraged by threat actors as part of an espionage campaign to deliver several malware families, including C6DOOR and GTELAM, in attacks primarily targeting users across Eastern Asia. &quot;Attackers employed sophisticated infection chains, such as hijacked software updates and fake cloud storage\" \/>\n\t\t<script type=\"application\/ld+json\" class=\"aioseo-schema\">\n\t\t\t{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"BlogPosting\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/08\\\/29\\\/abandoned-sogou-zhuyin-update-server-hijacked-weaponized-in-taiwan-espionage-campaign-infothehackernews-com-the-hacker-news\\\/#blogposting\",\"name\":\"Abandoned Sogou Zhuyin Update Server Hijacked, Weaponized in Taiwan Espionage Campaign info@thehackernews.com (The Hacker News) \\u203a Sekuritas IT\",\"headline\":\"Abandoned Sogou Zhuyin Update Server Hijacked, Weaponized in Taiwan Espionage Campaign info@thehackernews.com (The Hacker News)\",\"author\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\"},\"publisher\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/wp-content\\\/uploads\\\/2025\\\/08\\\/server-update-Tp3ar9.png\",\"width\":728,\"height\":380},\"datePublished\":\"2025-08-29T13:12:00+00:00\",\"dateModified\":\"2025-08-29T13:12:00+00:00\",\"inLanguage\":\"en-US\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/08\\\/29\\\/abandoned-sogou-zhuyin-update-server-hijacked-weaponized-in-taiwan-espionage-campaign-infothehackernews-com-the-hacker-news\\\/#webpage\"},\"isPartOf\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/08\\\/29\\\/abandoned-sogou-zhuyin-update-server-hijacked-weaponized-in-taiwan-espionage-campaign-infothehackernews-com-the-hacker-news\\\/#webpage\"},\"articleSection\":\"Uncategorized\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/08\\\/29\\\/abandoned-sogou-zhuyin-update-server-hijacked-weaponized-in-taiwan-espionage-campaign-infothehackernews-com-the-hacker-news\\\/#breadcrumblist\",\"itemListElement\":[{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com#listItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/sekuritasit.com\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"name\":\"Uncategorized\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"position\":2,\"name\":\"Uncategorized\",\"item\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/08\\\/29\\\/abandoned-sogou-zhuyin-update-server-hijacked-weaponized-in-taiwan-espionage-campaign-infothehackernews-com-the-hacker-news\\\/#listItem\",\"name\":\"Abandoned Sogou Zhuyin Update Server Hijacked, Weaponized in Taiwan Espionage Campaign info@thehackernews.com (The Hacker News)\"},\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com#listItem\",\"name\":\"Home\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/08\\\/29\\\/abandoned-sogou-zhuyin-update-server-hijacked-weaponized-in-taiwan-espionage-campaign-infothehackernews-com-the-hacker-news\\\/#listItem\",\"position\":3,\"name\":\"Abandoned Sogou Zhuyin Update Server Hijacked, Weaponized in Taiwan Espionage Campaign info@thehackernews.com (The Hacker News)\",\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"name\":\"Uncategorized\"}}]},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\",\"name\":\"Sekuritas IT\",\"description\":\"Creative solutions to unique challenges.\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/\",\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/profile.php?id=100086973577423\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/08\\\/29\\\/abandoned-sogou-zhuyin-update-server-hijacked-weaponized-in-taiwan-espionage-campaign-infothehackernews-com-the-hacker-news\\\/#authorImage\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d7e1b280a86a35aded993a38df224bb7b360b70bfbabceccbea7c0ef0ab5e175?s=96&d=retro&r=g\",\"width\":96,\"height\":96,\"caption\":\"admin\"}},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/08\\\/29\\\/abandoned-sogou-zhuyin-update-server-hijacked-weaponized-in-taiwan-espionage-campaign-infothehackernews-com-the-hacker-news\\\/#webpage\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/08\\\/29\\\/abandoned-sogou-zhuyin-update-server-hijacked-weaponized-in-taiwan-espionage-campaign-infothehackernews-com-the-hacker-news\\\/\",\"name\":\"Abandoned Sogou Zhuyin Update Server Hijacked, Weaponized in Taiwan Espionage Campaign info@thehackernews.com (The Hacker News) \\u203a Sekuritas IT\",\"description\":\"An abandoned update server associated with input method editor (IME) software Sogou Zhuyin was leveraged by threat actors as part of an espionage campaign to deliver several malware families, including C6DOOR and GTELAM, in attacks primarily targeting users across Eastern Asia. \\\"Attackers employed sophisticated infection chains, such as hijacked software updates and fake cloud storage\",\"inLanguage\":\"en-US\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#website\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/08\\\/29\\\/abandoned-sogou-zhuyin-update-server-hijacked-weaponized-in-taiwan-espionage-campaign-infothehackernews-com-the-hacker-news\\\/#breadcrumblist\"},\"author\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\"},\"creator\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/wp-content\\\/uploads\\\/2025\\\/08\\\/server-update-Tp3ar9.png\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/08\\\/29\\\/abandoned-sogou-zhuyin-update-server-hijacked-weaponized-in-taiwan-espionage-campaign-infothehackernews-com-the-hacker-news\\\/#mainImage\",\"width\":728,\"height\":380},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/08\\\/29\\\/abandoned-sogou-zhuyin-update-server-hijacked-weaponized-in-taiwan-espionage-campaign-infothehackernews-com-the-hacker-news\\\/#mainImage\"},\"datePublished\":\"2025-08-29T13:12:00+00:00\",\"dateModified\":\"2025-08-29T13:12:00+00:00\"},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#website\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/\",\"name\":\"Sekuritas IT\",\"alternateName\":\"Sekuritas\",\"description\":\"Creative solutions to unique challenges.\",\"inLanguage\":\"en-US\",\"publisher\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\"}}]}\n\t\t<\/script>\n\t\t<!-- All in One SEO -->\n\n","aioseo_head_json":{"title":"Abandoned Sogou Zhuyin Update Server Hijacked, Weaponized in Taiwan Espionage Campaign info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","description":"An abandoned update server associated with input method editor (IME) software Sogou Zhuyin was leveraged by threat actors as part of an espionage campaign to deliver several malware families, including C6DOOR and GTELAM, in attacks primarily targeting users across Eastern Asia. \"Attackers employed sophisticated infection chains, such as hijacked software updates and fake cloud storage","canonical_url":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/29\/abandoned-sogou-zhuyin-update-server-hijacked-weaponized-in-taiwan-espionage-campaign-infothehackernews-com-the-hacker-news\/","robots":"max-image-preview:large","keywords":"","webmasterTools":{"miscellaneous":""},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"BlogPosting","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/29\/abandoned-sogou-zhuyin-update-server-hijacked-weaponized-in-taiwan-espionage-campaign-infothehackernews-com-the-hacker-news\/#blogposting","name":"Abandoned Sogou Zhuyin Update Server Hijacked, Weaponized in Taiwan Espionage Campaign info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","headline":"Abandoned Sogou Zhuyin Update Server Hijacked, Weaponized in Taiwan Espionage Campaign info@thehackernews.com (The Hacker News)","author":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author"},"publisher":{"@id":"https:\/\/sekuritasit.com\/#organization"},"image":{"@type":"ImageObject","url":"https:\/\/sekuritasit.com\/wp-content\/uploads\/2025\/08\/server-update-Tp3ar9.png","width":728,"height":380},"datePublished":"2025-08-29T13:12:00+00:00","dateModified":"2025-08-29T13:12:00+00:00","inLanguage":"en-US","mainEntityOfPage":{"@id":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/29\/abandoned-sogou-zhuyin-update-server-hijacked-weaponized-in-taiwan-espionage-campaign-infothehackernews-com-the-hacker-news\/#webpage"},"isPartOf":{"@id":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/29\/abandoned-sogou-zhuyin-update-server-hijacked-weaponized-in-taiwan-espionage-campaign-infothehackernews-com-the-hacker-news\/#webpage"},"articleSection":"Uncategorized"},{"@type":"BreadcrumbList","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/29\/abandoned-sogou-zhuyin-update-server-hijacked-weaponized-in-taiwan-espionage-campaign-infothehackernews-com-the-hacker-news\/#breadcrumblist","itemListElement":[{"@type":"ListItem","@id":"https:\/\/sekuritasit.com#listItem","position":1,"name":"Home","item":"https:\/\/sekuritasit.com","nextItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","name":"Uncategorized"}},{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","position":2,"name":"Uncategorized","item":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/","nextItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/29\/abandoned-sogou-zhuyin-update-server-hijacked-weaponized-in-taiwan-espionage-campaign-infothehackernews-com-the-hacker-news\/#listItem","name":"Abandoned Sogou Zhuyin Update Server Hijacked, Weaponized in Taiwan Espionage Campaign info@thehackernews.com (The Hacker News)"},"previousItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com#listItem","name":"Home"}},{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/29\/abandoned-sogou-zhuyin-update-server-hijacked-weaponized-in-taiwan-espionage-campaign-infothehackernews-com-the-hacker-news\/#listItem","position":3,"name":"Abandoned Sogou Zhuyin Update Server Hijacked, Weaponized in Taiwan Espionage Campaign info@thehackernews.com (The Hacker News)","previousItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","name":"Uncategorized"}}]},{"@type":"Organization","@id":"https:\/\/sekuritasit.com\/#organization","name":"Sekuritas IT","description":"Creative solutions to unique challenges.","url":"https:\/\/sekuritasit.com\/","sameAs":["https:\/\/www.facebook.com\/profile.php?id=100086973577423"]},{"@type":"Person","@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author","url":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/","name":"admin","image":{"@type":"ImageObject","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/29\/abandoned-sogou-zhuyin-update-server-hijacked-weaponized-in-taiwan-espionage-campaign-infothehackernews-com-the-hacker-news\/#authorImage","url":"https:\/\/secure.gravatar.com\/avatar\/d7e1b280a86a35aded993a38df224bb7b360b70bfbabceccbea7c0ef0ab5e175?s=96&d=retro&r=g","width":96,"height":96,"caption":"admin"}},{"@type":"WebPage","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/29\/abandoned-sogou-zhuyin-update-server-hijacked-weaponized-in-taiwan-espionage-campaign-infothehackernews-com-the-hacker-news\/#webpage","url":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/29\/abandoned-sogou-zhuyin-update-server-hijacked-weaponized-in-taiwan-espionage-campaign-infothehackernews-com-the-hacker-news\/","name":"Abandoned Sogou Zhuyin Update Server Hijacked, Weaponized in Taiwan Espionage Campaign info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","description":"An abandoned update server associated with input method editor (IME) software Sogou Zhuyin was leveraged by threat actors as part of an espionage campaign to deliver several malware families, including C6DOOR and GTELAM, in attacks primarily targeting users across Eastern Asia. \"Attackers employed sophisticated infection chains, such as hijacked software updates and fake cloud storage","inLanguage":"en-US","isPartOf":{"@id":"https:\/\/sekuritasit.com\/#website"},"breadcrumb":{"@id":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/29\/abandoned-sogou-zhuyin-update-server-hijacked-weaponized-in-taiwan-espionage-campaign-infothehackernews-com-the-hacker-news\/#breadcrumblist"},"author":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author"},"creator":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author"},"image":{"@type":"ImageObject","url":"https:\/\/sekuritasit.com\/wp-content\/uploads\/2025\/08\/server-update-Tp3ar9.png","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/29\/abandoned-sogou-zhuyin-update-server-hijacked-weaponized-in-taiwan-espionage-campaign-infothehackernews-com-the-hacker-news\/#mainImage","width":728,"height":380},"primaryImageOfPage":{"@id":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/29\/abandoned-sogou-zhuyin-update-server-hijacked-weaponized-in-taiwan-espionage-campaign-infothehackernews-com-the-hacker-news\/#mainImage"},"datePublished":"2025-08-29T13:12:00+00:00","dateModified":"2025-08-29T13:12:00+00:00"},{"@type":"WebSite","@id":"https:\/\/sekuritasit.com\/#website","url":"https:\/\/sekuritasit.com\/","name":"Sekuritas IT","alternateName":"Sekuritas","description":"Creative solutions to unique challenges.","inLanguage":"en-US","publisher":{"@id":"https:\/\/sekuritasit.com\/#organization"}}]},"og:locale":"en_US","og:site_name":"Sekuritas IT \u203a Creative solutions to unique challenges.","og:type":"article","og:title":"Abandoned Sogou Zhuyin Update Server Hijacked, Weaponized in Taiwan Espionage Campaign info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","og:description":"An abandoned update server associated with input method editor (IME) software Sogou Zhuyin was leveraged by threat actors as part of an espionage campaign to deliver several malware families, including C6DOOR and GTELAM, in attacks primarily targeting users across Eastern Asia. &quot;Attackers employed sophisticated infection chains, such as hijacked software updates and fake cloud storage","og:url":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/29\/abandoned-sogou-zhuyin-update-server-hijacked-weaponized-in-taiwan-espionage-campaign-infothehackernews-com-the-hacker-news\/","article:published_time":"2025-08-29T13:12:00+00:00","article:modified_time":"2025-08-29T13:12:00+00:00","article:publisher":"https:\/\/www.facebook.com\/profile.php?id=100086973577423","twitter:card":"summary_large_image","twitter:title":"Abandoned Sogou Zhuyin Update Server Hijacked, Weaponized in Taiwan Espionage Campaign info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","twitter:description":"An abandoned update server associated with input method editor (IME) software Sogou Zhuyin was leveraged by threat actors as part of an espionage campaign to deliver several malware families, including C6DOOR and GTELAM, in attacks primarily targeting users across Eastern Asia. &quot;Attackers employed sophisticated infection chains, such as hijacked software updates and fake cloud storage"},"aioseo_meta_data":{"post_id":"17387","title":null,"description":null,"keywords":null,"keyphrases":null,"primary_term":null,"canonical_url":null,"og_title":null,"og_description":null,"og_object_type":"default","og_image_type":"default","og_image_url":null,"og_image_width":null,"og_image_height":null,"og_image_custom_url":null,"og_image_custom_fields":null,"og_video":null,"og_custom_url":null,"og_article_section":null,"og_article_tags":null,"twitter_use_og":false,"twitter_card":"default","twitter_image_type":"default","twitter_image_url":null,"twitter_image_custom_url":null,"twitter_image_custom_fields":null,"twitter_title":null,"twitter_description":null,"schema":{"blockGraphs":[],"customGraphs":[],"default":{"data":{"Article":[],"Course":[],"Dataset":[],"FAQPage":[],"Movie":[],"Person":[],"Product":[],"ProductReview":[],"Car":[],"Recipe":[],"Service":[],"SoftwareApplication":[],"WebPage":[]},"graphName":"","isEnabled":true},"graphs":[]},"schema_type":"default","schema_type_options":null,"pillar_content":false,"robots_default":true,"robots_noindex":false,"robots_noarchive":false,"robots_nosnippet":false,"robots_nofollow":false,"robots_noimageindex":false,"robots_noodp":false,"robots_notranslate":false,"robots_max_snippet":null,"robots_max_videopreview":null,"robots_max_imagepreview":"large","priority":null,"frequency":null,"local_seo":null,"breadcrumb_settings":null,"limit_modified_date":false,"ai":null,"created":"2025-08-29 14:55:28","updated":"2025-10-15 16:33:09","seo_analyzer_scan_date":null},"aioseo_breadcrumb":"<div class=\"aioseo-breadcrumbs\"><span class=\"aioseo-breadcrumb\">\n\t\t\t<a href=\"https:\/\/sekuritasit.com\" title=\"Home\">Home<\/a>\n\t\t<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t\t\t<a href=\"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/\" title=\"Uncategorized\">Uncategorized<\/a>\n\t\t<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t\t\tAbandoned Sogou Zhuyin Update Server Hijacked, Weaponized in Taiwan Espionage Campaign info@thehackernews.com (The Hacker News)\n\t\t<\/span><\/div>","aioseo_breadcrumb_json":[{"label":"Home","link":"https:\/\/sekuritasit.com"},{"label":"Uncategorized","link":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/"},{"label":"Abandoned Sogou Zhuyin Update Server Hijacked, Weaponized in Taiwan Espionage Campaign info@thehackernews.com (The Hacker News)","link":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/29\/abandoned-sogou-zhuyin-update-server-hijacked-weaponized-in-taiwan-espionage-campaign-infothehackernews-com-the-hacker-news\/"}],"_links":{"self":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts\/17387","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/comments?post=17387"}],"version-history":[{"count":0,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts\/17387\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/media\/17388"}],"wp:attachment":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/media?parent=17387"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/categories?post=17387"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/tags?post=17387"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}