China Security

Chinese Bank Required Two Western Companies to Use Tax Software With a Hidden Backdoor (zdnet.com) 93

A Chinese bank required at least two western companies to install malware-laced tax software, according to a new report from the cyber-security firm Trustwave.

"The two companies are a UK-based technology/software vendor and a major financial institution, both of which had recently opened offices in China," reports ZDNet:

"Discussions with our client revealed that [the malware] was part of their bank's required tax software," Trustwave said Thursday... Trustwave, who was providing cyber-security services for the UK software vendor, said it identified the malware after observing suspicious network requests originating from its customer's network... Trustwave said the software worked as advertised, allowing its customer to pay local taxes, but that it also installed a hidden backdoor. The security firm says this backdoor, which Trustwave codenamed GoldenSpy and said it ran with SYSTEM-level access, allowed a remote attacker to connect to the infected system and run Windows commands, or upload and install other software...

GoldenSpy installs two identical versions of itself, both as persistent autostart services. If either stops running, it will respawn its counterpart... The Intelligent Tax software's uninstall feature will not uninstall GoldenSpy. It leaves GoldenSpy running as an open backdoor into the environment, even after the tax software is fully removed. GoldenSpy is not downloaded and installed until a full two hours after the tax software installation process is completed. When it finally downloads and installs, it does so silently, with no notification on the system.
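The behaviour described above (two identical autostart services, installed hours after the visible installer finishes, left behind by the uninstaller) can be hunted for in a service inventory. The following is an added example, not code from Trustwave or the original story; the service names, hashes, timestamps and the one-hour/24-hour thresholds are constructed assumptions, not GoldenSpy indicators.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed inventory (hypothetical names and hashes, not GoldenSpy IoCs):
# one record per Windows service, as an endpoint tool might export it.
INSTALL_DONE = datetime(2020, 6, 1, 9, 5)   # vendor installer finished
def svc(name, sha, created, start="auto", account="LocalSystem"):
    return {"name": name, "sha256": sha, "created": created,
            "start": start, "account": account}
SERVICES = [
    svc("ExampleTaxSvc", "a1" * 32, datetime(2020, 6, 1, 9, 4)),
    svc("HelperA", "b2" * 32, datetime(2020, 6, 1, 11, 7)),
    svc("HelperB", "b2" * 32, datetime(2020, 6, 1, 11, 7)),
    # Benign twins that predate the install: same host binary, two services.
    svc("SharedHostOne", "c3" * 32, datetime(2019, 3, 2, 8, 0)),
    svc("SharedHostTwo", "c3" * 32, datetime(2019, 3, 2, 8, 0)),
]
AFTER_UNINSTALL = [s for s in SERVICES if s["name"] != "ExampleTaxSvc"]

def twin_groups(services):
    """Auto-start SYSTEM services that share one binary hash (2+ per hash)."""
    by_hash = defaultdict(list)
    for s in services:
        if s["start"] == "auto" and s["account"] == "LocalSystem":
            by_hash[s["sha256"]].append(s)
    return [g for g in by_hash.values() if len(g) >= 2]

def late_twins(services, install_done, min_delay=timedelta(hours=1),
               window=timedelta(hours=24)):
    """Twin groups registered well after the installer ended, within a day."""
    hits = []
    for group in twin_groups(services):
        late = [s["name"] for s in group
                if min_delay <= s["created"] - install_done <= window]
        if len(late) >= 2:
            hits.append(sorted(late))
    return hits

def survivors(flagged, snapshot_after_uninstall):
    """Flagged services still registered once the vendor package is removed."""
    present = {s["name"] for s in snapshot_after_uninstall}
    return [n for group in flagged for n in group if n in present]

if __name__ == "__main__":
    flagged = late_twins(SERVICES, INSTALL_DONE)
    print("late twin services:", flagged)
    print("still present after uninstall:", survivors(flagged, AFTER_UNINSTALL))
```

The hash grouping alone also matches the benign pre-existing twins, which is why the check is combined with the delay after the installer's end time.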

  • by DewDude ( 537374 ) on Sunday June 28, 2020 @04:46PM (#60239322) Homepage
    The fucking communists don't give a shit about anything other than world domination. Stop dealing with those assholes and enact some real sanctions; isolate them; and leave them the fuck alone.
  • Re: (Score:2, Insightful)

    Comment removed based on user account deletion
    • Seems like "This billion dollars is yours if you can prove X == -X".

      • Comment removed based on user account deletion
        • C'mon, it wasn't that big a sacrifice. Sure, those 3 days really sucked, but then, second in command for all eternity? Doesn't sound like such a bad deal.

        • I think that Jesus dying for our sins was a giant fucking waste of effort.

          It's lovely how quickly people go zipping off-topic, don't you think?

          According to most current Christian-flavored denominations, Jesus actually was God, so he couldn't have really died. Paradoxically, many of them also believe that Jesus made a great sacrifice in giving up his life. No, he was apparently just taking in a quick dirt nap.

          To get back on topic, which two "Western companies" were they and, how liable are they in their home countries for deliberately spreading malware? At least one of them appear

    • The Feds are angry because it competes with them

      A law that gives access with a judge's order (limited to data IN THE COUNTRY) is different than a back door that allows access to international data at will and can be discovered and used by a 3rd party. China has plenty of laws allowing them access to anything because they are fascists (look up the definition, China fits the bill), why did they need a back door? For hidden access, probably espionage.

      • by rtb61 ( 674572 )

        It's like so what, what else would you expect, the west has blown trust with China years ago. A company required me to install specific software on a computer to interact with it. That computer would have a connection to that company and definitely not to the internal network and would only be used for that connection and nothing else. They can data mine what they already have, who cares. Why you would connect a forced install to your internal network is really dumb.

      • It is naive to think that once you build in a back door for "lawful use" it will never be discovered by anyone and used unlawfully. That is the problem of back doors, by definition. If it exists, it will be exploited, maybe not today, maybe not tomorrow, but it will be exploited.

    • Wait, so a hidden backdoor to which NO ONE other than the tax software company agreed to use, is the same as getting a warrant from a judge and then using that to investigate a specific individual or company? Really?
  • Seriously? (Score:5, Insightful)

    by cygnusvis ( 6168614 ) on Sunday June 28, 2020 @05:20PM (#60239418)
    A major Chinese bank, which all are state controlled, installs state made root kits? I'M SHOCKED!! Western companies need to remember that THEY HAVE NO RIGHTS IN CHINA. Chinese companies also have no rights.
    • by AmiMoJo ( 196126 )

      Reminds me of British banks trying to force customers to install "security" software a few years ago. Of course it was spyware and riddled with security flaws itself, and they were less than transparent about what it did.

  • by sentiblue ( 3535839 ) on Sunday June 28, 2020 @06:08PM (#60239592)
    Doesn't matter how outrageous things like this got exposed I'm just not going to be surprised. The CCP, Chinese companies, Chinese military, even US companies founded by Chinese ... they all steal shit and they have no fucking shame. They don't just steal research/data/info... they also steal logos, brand names, whatever the fuck looks/feels/seems a little bit worthy stealing.
  • by MiniMike ( 234881 ) on Sunday June 28, 2020 @06:41PM (#60239660)

    Trustwave said the software worked as advertised, allowing its customer to pay local taxes

    This is the only part of the story that surprised me.

  • by tiqui ( 1024021 ) on Sunday June 28, 2020 @07:31PM (#60239800)

    By definition, there's no such thing as a "Chinese Bank"; that's a fiction designed to encourage foolish people to think there's something normal or civilized about a Marxist country with totalitarian one-party rule.

    It's not some xenophobic racist anti-Chinese (as in "anti-Chinese-race") thing to point out a basic fact: namely that in a Communist society there is no such thing as a church, or a bank, or a business, etc - all entities which appear independent are actually united with the government and the single political party; there's no actual dividing line between the party, the military, the spy agencies, the schools, the "businesses", etc. No such dividing lines are permissible because they could introduce the possibility of alternate political views, alternate power structures, and thus "counter-revolutionary" ideas. The Soviets, by virtue of not being mono-ethnic, never had the cover of being able to scream "RACIST!" at any critics, whereas China and its defenders use the very racial purity of China to attack any critics of its evil government as anti-Chinese bigots (implying that anti-Chinese is "anti Chinese ethnicity", rather than "anti-Chinese communist government" ). Sadly there are many western businesses (Like Amazon, The Washington Post, NBC Universal, etc) with large financial ties to China who will be willing to play along in defending China's geopolitical interests by helping with these false attacks.

    Having said that, however, let me say that I actually do not believe China is a Communist country at all; it's something far worse and more monstrous:

    China is the fascist super-state Hitler imagined he could build

    [1] China is a mono-racial society, and many of its people believe their race to be superior.

    [2] China is clearly not actually "Communist" as much as they claim to be so - they have huge numbers of very poor and many very rich. As long as they are party members with the right connections, people there are allowed to get rich and not have their stuff re-distributed. China is actually Fascist in structure and behavior. This is far more dangerous. Mussolini (a socialist) invented fascism as a more-efficient and more-improved form of Marxism, one that concentrates politics and power in the hands of one party and its government, but retains some strengths of a market economy by allowing businesses to operate under tight government control and then using government control of those businesses to assist in government control of the population. Hitler saw this and borrowed it from Mussolini and indeed Germany between the wars seemed to have a miraculous economic success - just as China has recently seemed to.

    [3] China is expansionist. Like all Marxist regimes, it believes it can only truly succeed in bringing about utopia on earth by spreading the political system globally until there are no alternatives left to mankind and there's no "outside" of the system, to which any non-compliant people might hope to escape.

    [4] China is at that stage where it routinely makes obviously false statements (about really big geopolitical stuff, not small stuff all diplomats do) and repeats them through state-owned media outlets over and over again, until their own people and any foreign stooges believe them, and outside diplomats simply shrug their shoulders in surrender and say stuff like "well, that's just China... you have to understand..."

    [5] China is reaching out around the world and gradually taking real estate with the claim essentially "well, that was once ours, and we're just re-asserting our historic rights"...... it's just a tad familiar..... reminds one of the "Sudetenland"...

    [6] China, unlike NAZI Germany, has lots of nukes.

    Interestingly, I have never heard a single Western liberal complain about China's "lack of diversity"; I don't think I'll hold my breath for that.

    • In China, government owns and controls the banks, government owns and controls the schools, government controls the religion. The party controls the government (and everything else)

      That doesn't mean the bank and the car company don't exist. They really do have real factories making real cars. Millions of electric cars, actually. It's just owned and controlled by politicians through a "good old boy network".

      Versus the United States, where you can decide Monday morning that you want to own Chase Bank, do a cou

    • by Cederic ( 9623 )

      By definition, there's no such thing as a "Chinese Bank"

      Don't be so fucking stupid.

      A bank is a bank whether it's a co-operative, owned by a Government, floated on a stock exchange or privately run by someone that thinks financial liquidity is a good thing.

      Chinese banks are banks. They hold deposits, offer loans, facilitate financial transactions and act like banks, offering banking services. They're banks.

      Shit, you'll be telling me next that the USA has no army, because its armed forces are all part of the Government.

  • The thing about malware/backdoors/rootkits/APT is that they eventually get discovered. Shame embarrassment and finger SHOULD follow, and maybe even ISDS complaints and damages payable. Don't get angry, get even. OK, this now gets a virus signature, and a utility to be surgically removed, and the ports blocked at multiple levels. Mr Trump should be able to get the ball rolling on ISDS damages, under the provisions of unfair trade agreement violations. I can tell you in 1985, program path protections could
  • Not sure why the software would live anywhere but a jail on a network, with supervised external access only when specifically needed.

    • Is that what you do with your banking apps?

      I suspect most companies with China-mainland offices keep the whole office in a little network of its own with little to no access back to the mothership. After that though, are they really going to run every app they have in a separate VM/DMZ? I doubt it.

      Either way, those companies that have relatively open networks in/out of China would probably do well to lock them down pretty sharpish.

  • Our company experienced the same thing. The Chinese government required us to install their software to file taxes online. However our account urged us to set up an independent computer to run their software because if there were any technical problems we would have to send the whole computer in to be fixed. We were lucky to have listened to them as the independent computer didn't have any corporate secrets on it.
  • Brings back memories of Sony installing rootkits. China are not the first to do this and won't be the last.
    • by Joopsy ( 2041110 )

      I would disagree. The Sony rootkit, while shocking, didn't actually try to exfiltrate data or download/install any secondary programs (that could do absolutely anything)

  • I can't help but feel like this just poses yet another blow against other user-software having system level access without justification (*cough*anticheat in games*cough*) - even with the differences between banking apps and that, the risks with any system level programs with vulnerabilities are IMO the same - only here I'd argue it's worse due to the financial stuff the software is used for.
