Malware that appears to be controlled from China targeting countries involved in the dispute over South China Sea national boundaries has been uncovered by security software vendor F-Secure.
The discovery of the malware follows a ruling by the Permanent Court of Arbitration in The Hague over China’s territorial claims to most of the South China Sea in a case brought by the government of the Philippines.
The international tribunal ruled against China’s claims, but China’s foreign ministry rejected its judgement, declaring that the decision was “null and void and has no binding force”.
The malware, a remote-access Trojan, enables its controllers to exfiltrate data from infected machines. F-Secure claims that it was widely deployed in the run-up to the 12 July ruling. The Philippines seems to have been targeted in particular by the campaign, while the malware, dubbed NanHaiShu by F-Secure appeared to make use of code and infrastructure associated with China.