Any company doing business in China is required to file for taxes using software called Golden Tax Invoicing. And now, security researchers have an idea why the Chinese government likes it so much: they say it’s riddled with spyware.
Installing Golden Tax Invoicing infects computers with spyware called GoldenHelper, Ars Technica reports, which essentially grants backdoor access into the system. First revealed by the cybersecurity firm Trustwave, the sophisticated malware campaign reveals a troublingly-widespread level of digital infiltration.
Trustwave revealed the Golden Tax spyware just three weeks after uncovering a similar malware campaign, GoldenSpy, which also hid in Golden Tax, Ars reports. The two programs are functionally similar and sneak behind a computer’s security systems using the same mechanisms.
GoldenSpy seemed to disappear after it was outed. But it’s not clear whether the new spyware was meant to replace it or if it had already existed alongside GoldenSpy.
Trustwave’s investigation is still ongoing: Ars reports that the company’s researchers have yet to find GoldenHelper’s actual payload, which they say is called “taxver.exe.”
So that means that it’s not entirely clear what information it can take from an infected system — only that a big problem is out there.
READ MORE: Malware stashed in China-mandated software is more extensive than thought [Ars Technica]
More on hacking: US Officials: Chinese Hackers Are Targeting Vaccine Research