German companies BASF, Siemens and Henkel became victims of cybeattacks that aimed espionage. German companies…
Recall that according to media reports, on the Chinese border in tourists’ smartphones was installed spyware.
Trustwave experts found a backdoor in the tax program, paying attention to suspicious network requests coming from the client’s network. After analyzing the tax software of a Chinese bank, the researchers conclude that the program works as it should and really allows paying local taxes, but at the same time, in it is installed a GoldenSpy hidden backdoor in the client’s system.
“GoldenSpy has SYSTEM privileges, which allows remote attackers to connect to an infected system, execute commands, download and install other software”, – told Trustwave experts.
Many programs have remote access features that are commonly used for debugging, but Trustwave experts explain that this is not the case. Experts write that they revealed functionality that is usually used exclusively by malware, but is not found in legitimate programs. So, GoldenSpy has the following features:
Trustwave analysts have not been able to understand how the backdoor got into the product of Aisino Corporation. Theories of experts say that a backdoor could be created by “government” hackers in China; secretly added to the program by a dishonest bank employee; or created by one of the engineers at Aisino Corporation.
“That is, it is not yet clear whether the Chinese intelligence services could force the bank or Aisino Corporation to add malware to the official tax software (to spy on foreign companies), or whether it was an accident, and this is the work of ordinary hackers that pursue financial gain”, — say Trustwave researchers.
Researchers are currently urging all Western companies operating in China to deal with Intelligent Tax to view this incident as a potential threat, urgently check their systems for compromise and take the necessary measures.
By the way, we recently reported that Information security experts suspect Chinese company Xiaomi of spying on users.
News-bfopeci.info is a domain that tries to force you into subscribing to its browser notifications…
News-bfugaho.info is a site that tries to force you into clik to its browser notifications…
News-bganise.info is a domain that tries to trick you into clik to its browser notifications…
News-xhijupa.com is a domain that tries to trick you into subscribing to its browser notifications…
News-xnicini.cc is a domain that tries to trick you into subscribing to its browser notifications…
News-xpafema.cc is a site that tries to trick you into subscribing to its browser notifications…