FBI Alert TLP White: Chinese Government-Mandated Tax Software Contains Malware, Enabling Backdoor Access.

July 23, 2020

The FBI seeks to inform US companies in the healthcare, chemical, and finance sectors of potential targeting activity by the Chinese government against their business and operational components based in China. As early as March 2019, at least two Western companies operating in China detected malware that was delivered through Chinese vendors that were responsible for releasing tax software upgrades following changes in 2018 to China’s value-added tax (VAT). The malware launched a backdoor into victim systems, which the FBI assesses likely allows cyber actors to preposition to conduct remote code execution and exfiltration activities on the victim’s network.

Related Resources

Guides/Reports
As a member of the Healthcare and Public Health Sector, you play a significant role in national security by protecting the nation and its economy from hazards…
Standards/Guidelines
Public
Agent Tesla is an established Remote Access Trojan (RAT) written in .Net. A successful deployment of Agent Tesla provides attackers with full computer or…
Webinar Recordings
Public
The U.S. Department of Health and Human Services’ (HHS) Health Sector Cybersecurity Coordination Center (HC3) invites you to join its monthly cybersecurity…
AHA Center for Health Innovation Market Scan
Free Identity Protection In the spirit of helping front-line virus fighting organizations during these uncertain times, KII Consulting Inc., in partnership…
Advancing Health Podcast
In part two of this two-part podcast, two senior officials at the forefront of the ongoing duel with cybercriminals. DHS Under Secretary and Chief Intelligence…
Advancing Health Podcast
Public
In part one of this two-part podcast, you’ll hear from two senior officials at the forefront of the ongoing duel with cybercriminals. DHS Under Secretary and…