Trade secrets and geopolitical interests are under threat in South China Sea.
Two Chinese hacking groups are attacking government bodies, manufacturers and tech companies belonging to some of the Asian power’s neighbours, according to security firm FireEye.
The first, Moafee, is said to be focusing its efforts on militaries and governments based around the South China Sea, a region of considerable geopolitical strife owing to its natural resources, with attacks even hitting the U.S. defence industrial base.
The other, DragonOK, is targeting high-tech and manufacturing companies in Japan and Taiwan, according to the firm, and may be looking to steal trade secrets so that Chinese firms can gain an edge over rivals.
FireEye said: "While their targets and missions appear different, our researchers found enough linking evidence to demonstrate a relationship between Moafee and DragonOK, and perhaps even a third attack group."
"By sharing tools, techniques and procedures, and coordinating joint attacks, these advanced threat actors are leveraging China’s supply chain economic expertise to perform extensive worldwide espionage."
The hackers are said to be making use of remote access tools (RATs), and custom-built backdoors to enter victims’ networks, and are using the proxy software HUC Packet Transmit Tool to hide their locations.
The company said that spear phishing emails are a common method of attack, adding that they were "well crafted and audience specific", with malware often hidden in a zipped file or password protected Microsoft Office document.