Security News > 2020 > July > Researchers Find More Malware Delivered via Chinese Tax Software
Trustwave's security researchers have discovered another malware family delivered through tax software that Chinese banks require companies doing business in the country to use.
The discovery comes only weeks after the security firm published information on GoldenSpy, a backdoor delivered via the Intelligent Tax application produced by the Golden Tax Department of Aisino Corporation.
Dubbed GoldenHelper, the newly identified piece of malware is delivered through the Golden Tax Invoicing Software, which Chinese banks require their clients to install in order to pay taxes.
The Golden Tax software, which is linked to Aisino, can install without user consent, can escalate privileges to SYSTEM, and can download and install payloads on the system.
Exe is indeed malicious, the security researchers point out that legitimate software doesn't bypass Windows protections to escalate privileges, doesn't randomize its location or hide its name, doesn't attempt to override DNS records, and doesn't lack version negotiation protocols either.
News URL
Related news
- New Cross-Platform Malware KTLVdoor Discovered in Attack on Chinese Trading Firm (source)
- Chinese hackers use new data theft malware in govt attacks (source)
- Chinese botnet infects 260,000 SOHO routers, IP cameras with malware (source)
- Chinese Hackers Exploit GeoServer Flaw to Target APAC Nations with EAGLEDOOR Malware (source)