TAIPEI (Taiwan News) — Taiwan’s Administration for Cyber Security issued a warning over a surge in fake websites exploiting the popular messaging app Line to deceive users into downloading malware disguised as the latest updates or desktop versions.
The ACS said it has identified and disclosed nine such malicious web addresses, requesting that authorities suspend access to the sites. The agency reminded users to download applications only from official channels to prevent personal data breaches, per CNA.
Line, a widely used messaging app in Taiwan, has increasingly become a target for cybercriminals. A common tactic involves creating fake desktop download websites that resemble official Line pages, luring users into installing compromised software.
The agency said threat intelligence indicates these spoofing operations are highly organized, exploiting Line’s popularity in Taiwan. Both the number of attacks and their sophistication have increased significantly.
Investigations found attackers often use paid advertisements or search engine optimization poisoning techniques to manipulate search rankings, allowing fake websites to appear above the official site in search results and increasing the likelihood that users will click on them.
The nine fraudulent websites identified by the ACS are www.linekr.com, www.line-china.com, line-tw.com, line-zhcn.com, line-ios.com, www.linecl.com, www.linerm.com, www.lineoe.com, and www.line-tww.com.
Hackers often create URLs closely resembling the official Line website, https://www.line.me/, by adding extra letters or altering domain endings, making them difficult for users to distinguish. These fake sites may also promote “latest versions” or “free animated stickers” to entice downloads.
ACS has requested that the Ministry of Justice’s Investigation Bureau notify the Taiwan Network Information Center to stop DNS resolution or restrict access in accordance with the Fraud Crime Hazard Prevention Act, preventing the spread of malicious programs.
The agency warned that once malicious files are executed, devices may be infected with malware capable of screen recording, keystroke logging, camera activation, or remote control. Victims may also be tricked into entering account credentials, leading to identity theft and financial losses. To reduce risk, it recommends installing or updating Line only through official platforms such as Google Play, Apple App Store, Microsoft, or directly from the official website.
The agency emphasized that legitimate developers will not ask users to update software via links sent through SMS, email, or social media messages. Users are advised to verify suspicious messages through official channels.
If users suspect they have accessed a fake site, they should check for unfamiliar login activity on their Line account, log out of unknown devices, change passwords, and enable two-factor authentication. If a suspicious installation file has been downloaded, it should be deleted immediately and not executed.
If already installed, users should disconnect from the internet and consider resetting their device. The ACS also urged the public to report incidents via the 165 anti-fraud hotline or Taiwan’s online fraud reporting system.
