
Researchers Find More Malware Delivered via Chinese Tax Software
2020-07-14 16:00

Trustwave's security researchers have discovered another malware family delivered through tax software that Chinese banks require companies doing business in the country to use.

The discovery comes only weeks after the security firm published information on GoldenSpy, a backdoor delivered via the Intelligent Tax application produced by the Golden Tax Department of Aisino Corporation.

Dubbed GoldenHelper, the newly identified piece of malware is delivered through the Golden Tax Invoicing Software, which Chinese banks require their clients to install in order to pay taxes.

The Golden Tax software, which is linked to Aisino, can install without user consent, can escalate privileges to SYSTEM, and can download and install payloads on the system.

Exe is indeed malicious, the security researchers point out that legitimate software doesn't bypass Windows protections to escalate privileges, doesn't randomize its location or hide its name, doesn't attempt to override DNS records, and doesn't lack version negotiation protocols either.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/RNicf9nOkpE/researchers-find-more-malware-delivered-chinese-tax-software