Cybersecurity firm finds more spyware hidden in Chinese tax software

This version of Ncna1233662 - Breaking News | NBC News Clone was adapted by NBC News Clone to help readers digest key facts more efficiently.

Trustwave says it has discovered a new type of malware called GoldenHelper embedded in sales tax software — a different tool than one it found previously

SHARE THIS —
By Ken Dilanian

WASHINGTON — A security firm that last month highlighted spyware hidden in Chinese tax software issued a new report Tuesday shedding more light on how Western companies doing business in China are targeted for industrial espionage.

Analysts at cybersecurity firm Trustwave say they have discovered a new type of malware they say was embedded in sales tax software — a different, older malicious tool than the previous one they found.

In June, Trustwave’s SpiderLabs reported on malware they called GoldenSpy, which was hidden inside software that their client, a tech firm with ties to the U.S. defense industry, was required to install to pay local taxes. The malware secretly installed a back door that gave attackers complete access to the company’s networks, Trustwave reported.

Related

TechSpyware hidden in Chinese tax software was probably planted by a nation-state, say experts

On Tuesday, Trustwave highlighted a different piece of spyware they are calling GoldenHelper, which they say was hidden in different tax software required by Chinese banks for payment of value-added taxes. It, too, opened users to hackers, who could secretly steal corporate secrets.

"The new malware is entirely different from GoldenSpy, although the delivery modus operandi is highly similar," the report says.

Click here to read the report.

The report says the GoldenHelper malware campaign was active in 2018 and 2019 before abruptly ending in July 2019. It was hidden in what is known as Golden Tax Invoicing Software, which was required of companies to help account for and pay value-added taxes, a form of sales tax, the report says.

Recommended

National Security2 killed in U.S. strike on alleged drug boat in Eastern Pacific, Hegseth says

Since the publication of the report on GoldenSpy, Trustwave said it discovered that a program had been inserted into the tax software that erased all traces of the malware.

"Whoever is behind GoldenSpy is currently scrambling to erase all traces of it," said the firm, which did not name affected clients, as is customary in the cyber security industry.

Trustwave did not formally point fingers at who they believe is behind the spyware, except to say it had the hallmarks of a nation-state campaign.

U.S. intelligence officials say the Chinese government relentlessly siphons corporate secrets from Western companies, a charge China denies.

Ken Dilanian

Ken Dilanian is the justice and intelligence correspondent for MSNBC.

Want more summaries like this? Follow NBC News Clone for expertly filtered news from trusted sources.

×
AdBlock Detected!
Please disable it to support our content.

Related Articles

Donald Trump Presidency Updates - Politics and Government | NBC News Clone | Inflation Rates 2025 Analysis - Business and Economy | NBC News Clone | Latest Vaccine Developments - Health and Medicine | NBC News Clone | Ukraine Russia Conflict Updates - World News | NBC News Clone | Openai Chatgpt News - Technology and Innovation | NBC News Clone | 2024 Paris Games Highlights - Sports and Recreation | NBC News Clone | Extreme Weather Events - Weather and Climate | NBC News Clone | Hollywood Updates - Entertainment and Celebrity | NBC News Clone | Government Transparency - Investigations and Analysis | NBC News Clone | Community Stories - Local News and Communities | NBC News Clone