In a report released last week, Finland-based cyber security firm F-Secure identified the malware as NanHaiShu (translated as South China Sea rat), a Remote Access Trojan that can access information from infected computers to its command server. STAR/File photo
MANILA, Philippines – Malware traced by a security firm to China has been discovered to have spied on the Philippine government and other parties related to the territorial dispute in the West Philippine Sea.

In a report released last week, Finland-based cyber security firm F-Secure identified the malware as NanHaiShu (translated as South China Sea rat), a Remote Access Trojan that can access information from infected computers to its command server.

“The threat actors behind this malware target government and private-sector organizations that were directly or indirectly involved in the international territorial dispute centering on the South China Sea,” said F-Secure in a statement.

“Based on our observations, the timings of the attacks indicated political motivation, as they occurred either within a month following notable news reports related to the dispute, or within a month leading up to publicly known political events featuring the said issue,” it added.

On its white paper about the malware, F-Secure said NanHaiShu has been discovered in the wild a couple of year ago, but appeared to have been used to target specific websites such as the Philippine Department of Justice (DOJ), the organizers of the 2015 Asia Pacific Economic Cooperation held in Manila and an unidentified international law firm involved in the Philippine case against China.

“The common denominator among the targets selected is that they have some relation to the territorial dispute revolving around the South China Sea,” said the cyber security firm.

http://www.philstar.com/headlines/2016/08/07/1610856/chinese-malware-spying-philippines-security-firm