Cybersecurity News that Matters

Cybersecurity News that Matters

Chinese firms spread propaganda through fake South Korean news sites

by Kuksung Nam, Areum Hwang, Arthur Gregory Willers

Nov. 14, 2023
10:10 AM GMT+9

A Chinese marketing firm created more than a dozen fake news websites and conducted propaganda campaigns against South Koreans, according to the South Korean intelligence agency on Monday.

In a report, the National Intelligence Service (NIS) and the National Cyber Security Center (NCSC) stated that they discovered eighteen fake news sites created by a Chinese press relations company, Shenzhen Haimai Yunxiang Medi Co., Ltd, which goes by the name Haimai.

The intelligence agency explained that the Chinese company leveraged its newswire distribution service to post pro-Beijing stories and anti-United States news content on their self-made websites. They discovered a total of forty-two posts that were simultaneously published at all of the fake sites from January of 2021 to October of 2023. The contents included stories that stated that South Korea has more to gain than lose from participating in the Summit for Democracy, which was hosted by the U.S. in March of this year. In comparison, they posted news articles that covered the success of the Beijing Winter Olympics last year.

These fake news sites tried to deceive readers by posting articles that were made to look as though they were created by reputable South Korean news agencies, but were not. According to one of the self-made news sites, the Seoul Press, readers could find a news article on the front page issued by one of South Korea’s business news organizations. The NIS assumed that the Chinese company manipulated a YouTube video created by a local South Korean news media outlet, deleted the company’s logo, and edited it as though they had created it themselves. They even misrepresented themselves as a member of the country’s Digital News Association.

Alongside Haimai, the intelligence agency discovered twenty more fake news websites created by a newswire distribution service and a Chinese marketing firm. According to the report, the Chinese marketing firm, named Haixun, was also involved in an influence operation uncovered by the U.S. cybersecurity firm Mandiant, which is owned by Google. Mandiant released a report in July of this year on their discovery of the advancement in the Chinese influence campaign, which they first discovered last year, stating that the marketing firm used newswire services to distribute pro-Beijing content to legitimate news outlets based in the U.S.

The South Korean intelligence agency is working on blocking these websites as they detected attempts to spread the news content posted on self-created websites onto social media platforms. “It is difficult to speculate on the objective of the Chinese marketing companies,” stated the NCSC in the report. “However, bad actors could abuse these websites to spread ill-intended news articles as if they were produced by legitimate South Korean news organizations. In this case, we could not exclude the possibility of them impacting South Korean public opinion.”


Subscribe to our newsletter for the latest insights and trends. Tailor your subscription to fit your interests:

By subscribing, you agree to our Privacy Policy. We respect your privacy and are committed to protecting your personal data. Your email address will only be used to send you the information you have requested, and you can unsubscribe at any time through the link provided in our emails.

  • Kuksung Nam
    : Author

    Kuksung Nam is a journalist for The Readable. She has extensively traversed the globe to cover the latest stories on the cyber threat landscape and has been producing in-depth stories on security and...

    View all posts
  • Areum Hwang
  • Arthur Gregory Willers

    Arthur Gregory Willers is a copyeditor at The Readable, where he works to make complex cybersecurity news accessible and engaging for readers. With over 20 years in education and publishing, his exper...

    View all posts
Stay Ahead with The Readable's Cybersecurity Insights