A China-aligned cyber espionage operation called Dragon Weave has launched targeted attacks against the Czech Republic and Taiwan, distributing a malware variant called AdaptixC2 to infiltrate government, research, academic, technology, and financial institutions.

Seqrite Labs identified the campaign and documented its distribution method. The attackers send spear-phishing emails containing ZIP file attachments to officials and individual citizens across both countries. This approach exploits human trust and lower email security scrutiny around compressed archives.

The AdaptixC2 agent functions as a command-and-control implant, granting attackers remote access and persistence within compromised networks. Once installed, the malware enables adversaries to execute commands, exfiltrate data, and maintain long-term surveillance of target systems.

The targeting pattern suggests geopolitical motivation. The Czech Republic has emerged as a NATO ally increasingly critical of Chinese operations, while Taiwan remains a primary intelligence focus for Beijing-aligned threat actors. The inclusion of government, financial, and technology sectors indicates objectives centered on gathering intelligence, stealing intellectual property, and monitoring political activity.

Government and private sector organizations in both countries should implement immediate defenses. Block unfamiliar ZIP attachments at email gateways. Apply network segmentation to isolate critical systems. Conduct user training to identify spear-phishing indicators, particularly emails requesting credential entry or unexpected file downloads.
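One way to back the ZIP-attachment gateway rule with content inspection, shown as an added example that is not taken from Seqrite's report. The risky-extension list, function names, and sample message are assumptions constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumption: member types a gateway policy treats as risky inside an archive.
# This list is illustrative; the page does not say what the ZIPs contained.
RISKY_EXT = {".exe", ".dll", ".scr", ".lnk", ".js", ".vbs", ".hta", ".bat", ".ps1"}

def inspect_zip(data: bytes) -> list[str]:
    """Return quarantine reasons for one ZIP payload (empty list = none)."""
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return ["unparseable archive"]
    reasons = []
    with zf:
        for info in zf.infolist():
            name = info.filename.lower()
            if info.flag_bits & 0x1:  # encrypted members cannot be inspected
                reasons.append(f"encrypted member: {info.filename}")
            # Only the final extension counts, so "x.pdf.lnk" is a shortcut.
            if "." in name and "." + name.rsplit(".", 1)[1] in RISKY_EXT:
                reasons.append(f"risky member type: {info.filename}")
    return reasons

def scan_message(raw: bytes) -> dict[str, list[str]]:
    """Map each ZIP attachment's filename to its list of quarantine reasons."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = {}
    for part in msg.iter_attachments():
        payload = part.get_payload(decode=True) or b""
        # Identify ZIPs by magic bytes, not by declared name or MIME type.
        if payload[:4] == b"PK\x03\x04":
            findings[part.get_filename() or "(unnamed)"] = inspect_zip(payload)
    return findings

def build_sample(members: dict[str, bytes], filename: str) -> bytes:
    """Constructed test message carrying one ZIP with the given members."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, body in members.items():
            zf.writestr(name, body)
    msg = EmailMessage()
    msg["Subject"] = "Meeting agenda"
    msg.set_content("Please review the attached file.")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="octet-stream", filename=filename)
    return msg.as_bytes()
```

Checking magic bytes catches an archive even when the attachment is renamed, as with the `agenda.dat` name used in the constructed sample.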

Security teams should watch for AdaptixC2 artifacts including command infrastructure communications and behavioral signatures typical of C2 agents. Incident responders working in affected regions should prioritize endpoint hunting for evidence of prior infections.

The campaign underscores persistent adversary interest in Central European and Indo-Pacific targets. Organizations handling sensitive data or government contracts face elevated risk and should escalate monitoring protocols immediately.