6.5 C
New York
Tuesday, June 22, 2021

GoldenHelper and GoldenSpy: taxes and backdoors Made in China

According to the US agency, the software made mandatory by China for the payment of taxes by US companies contains backdoors.

Must Read

Kamal Saini
Kamal S. has been Journalist and Writer for Business, Hardware and Gadgets at Revyuh.com since 2018. He deals with B2b, Funding, Blockchain, Law, IT security, privacy, surveillance, digital self-defense and network policy. As part of his studies of political science, sociology and law, he researched the impact of technology on human coexistence. Email: kamal (at) revyuh (dot) com

The FBI has issued a notice addressed to some of the US companies operating in China to communicate to them the presence of a backdoor found in the software whose installation is made mandatory by Beijing for the payment of taxes. In doing so, they are potentially exposed to remote code execution, theft of confidential information and the compromise of networks.

GoldenHelper and GoldenSpy: taxes and backdoors Made in China

The backdoor was found in the programs provided by the Chinese companies Baiwang and Aisino, the only two authorized by the central government for distribution. The agents of the American Bureau themselves claim to be aware of two violations perpetrated through this method. Here is what we read in the branch note (Flash Alert AC-000129-TT).

In July 2018, an employee of a U.S. pharmaceutical company operating in China downloaded the Baiwang Tax Control Invoicing software from baiwang.com. At least until March 2019 the developer has released updates that automatically install a driver along with the tax program. In April 2019, the company’s employees discovered that it included malware capable of creating a backdoor in the company’s network.

The malware in question was later identified as GoldenHelper by Trustwave researchers.

In June 2020, a private security company reported that Intelligence Tax, Aisino Corporation’s tax software requested by a Chinese bank, contained malware capable of installing a hidden backdoor in the organizations network.

In this case, Trustware has labelled it as GoldenSpy, an evolution of the one mentioned above.

The FBI alert is aimed in particular at those operating in the financial, chemical and health care markets, considered particularly at risk due to the interest shown by the Asian country in innovations in these sectors. The American body does not point the finger directly at Beijing, but the Baiwang and Aisino software before being distributed pass by the approval of NISEC(National Information Security Engineering Center), a state-controlled reality believed to be close to the People’s Liberation Army.

- Advertisement -
- Advertisement -

Latest News

Did Trump want to send infected returnees to Guantánamo?

Former US President Donald Trump's handling of the corona pandemic has long been considered controversial. It is now known that...
- Advertisement -

More Articles Like This

- Advertisement -