A tax software program installed by business clients of an unidentified Chinese bank was trojanized with malware that installs a backdoor granting attackers SYSTEM-level privileges, researchers warn.

In a company blog post and more detailed threat report, Trustwave and its SpiderLabs team identified the accounting software as Intelligent Tax, which was reportedly developed by the Golden Tax Department of IT and information security company Aisino Corporation, and digitally signed by a second company, Chenkuo Network Technology.

It is unknown if the bank (which Trustwave left unnamed), Aisino, Chenkuo Network Technology, or another party such as the Chinese government was actively behind the scheme. Trustwave says it caught the threat too early in the kill chain to make such attributions -- although it does note that the campaign bears certain traits of a coordinated Advanced Persistent Threat operation.

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.