Salmon Typhoon used LLMs for translation and intel-agency research
What they were trying to do
- 01
Evaluate LLMs as tools for sourcing information on sensitive topics, high-profile individuals, and regional geopolitics
- 02
Translate computing terms and technical papers
- 03
Research global intelligence agencies and US influence and internal affairs
How they did it
Salmon Typhoon conducted what the disclosure describes as an 'evaluating' phase — 'evaluating the effectiveness of LLMs in sourcing information on potentially sensitive topics, high profile individuals, regional geopolitics, US influence, and internal affairs' — alongside LLM-aided technical translation of computing terms and technical papers. The cluster also attempted to generate code with potential malicious intent, which the model declined.
Example queries
Verbatim excerpts from the disclosure — only what the vendor actually published.
Evaluating the effectiveness of LLMs in sourcing information on potentially sensitive topics, high profile individuals, regional geopolitics, US influence, and internal affairs
Queries on a diverse array of subjects, such as global intelligence agencies, domestic concerns, notable individuals
What they achieved
Concrete outputs obtained before platform disruption.
- before disruption
Information on global intelligence agencies, geopolitics, and notable individuals
- before disruption
Translation of computing terms and technical papers
OpenAI disabled all accounts and assets associated with Salmon Typhoon. The model declined requests for code with potential malicious intent, adhering to established ethical guidelines.
Full summary
PRC-affiliated intrusion set Microsoft tracks as Salmon Typhoon (also reported as SODIUM, historically APT4) used OpenAI services for translation of technical papers, retrieval of information about intelligence agencies and regional geopolitics, and other tasks suggesting strategic-research support. OpenAI disabled the associated accounts.
AI platforms involved
Related incidents (same country or vendor label)
- CN · China
GTG-1002: first publicly disclosed AI-orchestrated cyber espionage campaign (PRC state-sponsored)
2025-11-13Anthropic - CN · China
APT41 and 20+ PRC-affiliated clusters used Gemini for post-compromise scripting and EDR reverse engineering
2025-01-29Google (GTIG) - CN · China
SweetSpecter spear-phished OpenAI employees while using ChatGPT for recon
2024-10-09OpenAI - CN · China
Spamouflage Chinese influence operation used LLMs to draft posts
2024-05-30OpenAI - CN · China
Charcoal Typhoon used LLMs for tooling and social-engineering research
2024-02-14Microsoft + OpenAI
Source note: Every entry in this catalog is derived from a primary public disclosure by the named platform vendor. This entry cites Microsoft + OpenAI as the primary source. No private, speculative, or non-public claims are presented here.