FBI warns US companies about Chinese tax software embedded with hidden malware: Report
Analysts uncovered 'GoldenSpy' malware hidden in tax software required by a state-owned Chinese bank
Weeks after a cybersecurity firm uncovered backdoor malware embedded in mandatory Chinese tax software, the FBI is reportedly warning U.S. companies doing business in China.
The software imposes a major security risk on victim companies – requiring them to use one of only two approved programs to pay their taxes – both of which have been found embedded with vulnerabilities, according to Trustwave, the cybersecurity firm.
Due to the comprimised security issues, the FBI sent out a warning Thursday to companies in the health care, chemical and finance industries, the technology news outlet ZDNet reported.
TRUMP SAYS US-CHINA 'TRADE DEAL MEANS LESS TO ME NOW' THAN WHEN HE SIGNED IT
The FBI is warning that the malware gives whoever controls it the potential ability to “conduct remote code execution and exfiltration activities on the victim’s network,” according to the outlet.
Near the end of last month, analysts at Trustwave announced they had uncovered the new type of malware, which they called “GoldenSpy,” hidden in tax payment software required by a state-owned Chinese bank for use by corporations that do business in China.
MORGAN STANLEY BLOCKS REMOTES ACCESS FOR INTERNS IN CHINA
The firm was working on behalf of an unidentified company with ties to the US, Australia and UK that had only recently set up offices in China.
“We identified an executable file displaying highly unusual behavior and sending system information to a suspicious Chinese domain,” the firm said on June 25. “Discussions with our client revealed that this was part of their bank’s required tax software.”
The company had been required to use the software in order to pay local taxes. Trustwave said it was uncertain whether the malware was embedded in all of the tax software or if it was deployed against specific targets.
GET FOX BUSINESS ON THE GO BY CLICKING HERE
On July 14, Trustwave said it had uncovered an older, similar but different version of embedded malware, also linked to China’s tax system, which it called “GoldenHelper.”