The Federal Bureau of Investigation has issued an alert to inform organizations in the United States of the risk associated with the use of Chinese tax software.
In late June, security researchers at Trustwave published a report on a piece of malware that was dropped into the environment of an organization doing businesses in China through tax software that is mandatory in the country.
The threat, which Trustwave named GoldenSpy, was delivered to an organization via software from the Golden Tax Department of Aisino Corporation, and it appears to have been in use since 2016. Once installed, it provides SYSTEM-level backdoor access to the network.
Within days after the initial report was published, an uninstaller was delivered to compromised organizations through the update service of the tax software, and all traces of GoldenSpy were erased.
Weeks later, Trustwave published information on another piece of malware deployed through mandatory tax software onto the networks of organizations doing business in China. Referred to as GoldenHelper and dated prior to GoldenSpy, this malware family was dropped by software from Baiwang.
Last week, the FBI issued an alert to warn healthcare, chemical, and finance organizations in the United States of “potential targeting activity by the Chinese government against their business and operational components based in China.”
The alert points out that tax software provided by Chinese banks to at least two Western organizations doing business in the country would install a back ..
Support the originator by clicking the read the rest link below.
