Stories
Slash Boxes
Comments

SoylentNews is people

posted by Fnord666 on Saturday June 27 2020, @07:59PM   Printer-friendly
from the all-your-base-are-belong-to-us dept.

https://arstechnica.com/information-technology/2020/06/chinese-bank-requires-foreign-firm-to-install-app-with-covert-backdoor/

A large, multinational technology company got a nasty surprise recently as it was expanding its operations to China. The software a local bank required the company to install so it could pay local taxes contained an advanced backdoor.

The cautionary tale, detailed in a report published Thursday, said the software package, called Intelligent Tax and produced by Beijing-based Aisino Corporation, worked as advertised. Behind the scenes, it also installed a separate program that covertly allowed its creators to remotely execute commands or software of their choice on the infected computer. It was also digitally signed by a Windows trusted certificate.
[...]
Trustwave didn't identify the two companies that encountered GoldenSpy or the local Chinese bank that required that Intelligent Tax be installed. Representatives of Aisino Corporation didn't immediately respond to an email seeking comment for this post.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by driverless on Sunday June 28 2020, @10:40AM (2 children)

    by driverless (4770) on Sunday June 28 2020, @10:40AM (#1013622)

    Unfortunately they don't say which CA issued it, merely the company it came from, and since code signing certs are so routinely stolen for use in malware (you can buy them online) that name doesn't really mean anything. Could be malware slipped into the supply chain by a third party, could be bank-created malware, could be PLA-created malware, there's no way to tell.

    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2  
  • (Score: 2) by driverless on Sunday June 28 2020, @10:42AM (1 child)

    by driverless (4770) on Sunday June 28 2020, @10:42AM (#1013623)

    Oh, and I had to guess I'd say it was third-party, the Chinese government/PLA doesn't need to put spyware into stuff, it already has the same access to networks and systems that the NSA has in the US.

    • (Score: 0) by Anonymous Coward on Sunday June 28 2020, @10:22PM

      by Anonymous Coward on Sunday June 28 2020, @10:22PM (#1013862)

      You say both of these things as fact, but just because things fit your worldview does not make them true, let along "facts."