Security News > 2020 > July > Researchers Find More Malware Delivered via Chinese Tax Software
Trustwave's security researchers have discovered another malware family delivered through tax software that Chinese banks require companies doing business in the country to use.
The discovery comes only weeks after the security firm published information on GoldenSpy, a backdoor delivered via the Intelligent Tax application produced by the Golden Tax Department of Aisino Corporation.
Dubbed GoldenHelper, the newly identified piece of malware is delivered through the Golden Tax Invoicing Software, which Chinese banks require their clients to install in order to pay taxes.
The Golden Tax software, which is linked to Aisino, can install without user consent, can escalate privileges to SYSTEM, and can download and install payloads on the system.
Exe is indeed malicious, the security researchers point out that legitimate software doesn't bypass Windows protections to escalate privileges, doesn't randomize its location or hide its name, doesn't attempt to override DNS records, and doesn't lack version negotiation protocols either.