Information Security News mailing list archives
Malware stashed in China-mandated software is more extensive than thought
From: InfoSec News <alerts () infosecnews org>
Date: Wed, 15 Jul 2020 05:03:26 +0000 (UTC)
https://arstechnica.com/information-technology/2020/07/malware-stashed-in-china-mandated-software-is-more-extensive-than-thought/ By Dan Goodin Ars Technica July 14, 2020Three weeks ago, security researchers exposed a sinister piece of malware lurking inside tax software that the Chinese government requires companies to install. Now there’s evidence that the high-stealth spy campaign was preceded by a separate piece of malware that employed equally sophisticated means to infect taxpayers in China.
GoldenHelper, as researchers from security firm Trustwave dubbed the malware, hid inside the Golden Tax Invoicing software, which all companies registered in China are mandated to use to pay value-added taxes. The malware is able to bypass the User Account Control, the Windows mechanism that requires users to give their approval before software can install programs or make other system changes. Once that’s done, GoldenSpy can install modules with System-level privileges. Trustwave published its findings on Tuesday here.
GoldenHelper employs other tricks to conceal its malicious behavior and evade detection from endpoint protection systems and software. The tricks include:
[...]
-- Subscribe to InfoSec News https://www.infosecnews.org/subscribe-to-infosec-news/ Follow InfoSec News on Twitter https://twitter.com/infosecnews_ Follow InfoSec News on LinkedIn https://www.linkedin.com/company/infosecnews/
Current thread:
- Malware stashed in China-mandated software is more extensive than thought InfoSec News (Jul 14)