FBI Malware Alert To Companies Doing Business In China

Backdoor malware is being surreptitiously installed on the networks of foreign companies operating in China. It comes with government-mandated tax software, and allows actors to execute unauthorized code, infiltrate networks, and steal proprietary data from branches operating in China. According to the FBI, all foreign companies are required by Chinese laws to install this software in order to handle value-added tax payments. The agency also listed two incidents where companies have discovered the malware’s presence on their networks: “In July 2018, an employee of a US pharmaceutical company with business interests in China downloaded the Baiwang Tax Control Invoicing software program from baiwang.com….In April 2019, employees of the pharmaceutical company discovered that the software contained malware that created a backdoor on the company’s network.” The software has been identified as “GoldenHelper”; “In June 2020, a private cybersecurity firm reported that Intelligence Tax, a tax software from Aisino Corporation that is required by a Chinese bank under the same VAT system, likely contained malware that installed a hidden backdoor to the networks of organizations using the tax software.” Companies in the healthcare, chemical, and finance sectors are in particular danger.