{"id":14886,"date":"2020-06-30T01:52:33","date_gmt":"2020-06-29T23:52:33","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=14886"},"modified":"2020-09-09T11:31:29","modified_gmt":"2020-09-09T09:31:29","slug":"china-und-die-spyware-in-softwareprodukten","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2020\/06\/30\/china-und-die-spyware-in-softwareprodukten\/","title":{"rendered":"China and the spyware in software products"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline;\" src=\"https:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2015\/01\/Schutz.jpg\" width=\"40\" height=\"47\" align=\"left\" \/>[<a href=\"https:\/\/www.borncity.com\/blog\/2020\/06\/30\/china-und-die-spyware-in-softwareprodukten\/\" target=\"_blank\" rel=\"noopener noreferrer\">German<\/a>]Today a short collective article about China, state hackers, espionage and software products. There have been attacks on Australia and spyware has been found in a Chinese control software. Both cases point to state hackers from China as originators.<\/p>\n<p><!--more--><\/p>\n<h2>China Tax Software and some Spyware<\/h2>\n<p>Products from China could contain traces of spyware. The following Tweet points out such an event.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p dir=\"ltr\" lang=\"en\">Spyware in Chinese software likely placed by nation-state, say experts <a href=\"https:\/\/t.co\/vriAHBGsd1\">https:\/\/t.co\/vriAHBGsd1<\/a> via <a href=\"https:\/\/twitter.com\/NBCNews?ref_src=twsrc%5Etfw\">@nbcnews<\/a> + <a href=\"https:\/\/twitter.com\/KenDilanianNBC?ref_src=twsrc%5Etfw\">@KenDilanianNBC<\/a><\/p>\n<p>\u2014 Aryeh Goretsky (@goretsky) <a href=\"https:\/\/twitter.com\/goretsky\/status\/1276419223980404736?ref_src=twsrc%5Etfw\">June 26, 2020<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Earlier this year, a multinational technology provider doing business in China was instructed by its Chinese bank to install software to pay local taxes.<\/p>\n<p>The tax software itself was legitimate, but embedded in it was a nasty surprise. A new report from a private security company indicates that the software was infected. The program contained a sophisticated piece of malware that gave attackers full access to the company network.<\/p>\n<p>The company Trustwave, which uncovered the case, called the malicious software \"GoldenSpy\" and warns others to scan their networks for it in a report released on Thursday. \"If you are doing business in China and someone asks you to install something, we call for extra vigilance,\" Hussey said. \"We urge everyone to check to see if they are affected.\"<\/p>\n<p>While Trustwave has not given details of the client or the case. The malware appears to have been active since April 2020 and it is believed that government actors from China may be involved. More details can be found in <a href=\"https:\/\/www.nbcnews.com\/tech\/security\/spyware-hidden-chinese-tax-software-was-probably-planted-nation-state-n1231975\" target=\"_blank\" rel=\"noopener noreferrer\">this article<\/a>.<\/p>\n<h2>Malware attack on Australia<\/h2>\n<p>In Australia there have been massive malware attacks on Australian organizations. SPON has called it an 'elephant in the room' &#8211; the malware is probably caused by China.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p dir=\"ltr\" lang=\"en\">Chinese malware used in attacks against Australian org &#8211; <a href=\"https:\/\/twitter.com\/Ionut_Ilascu?ref_src=twsrc%5Etfw\">@Ionut_Ilascu<\/a><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/chinese-malware-used-in-attacks-against-australian-orgs\/\" target=\"_blank\" rel=\"noopener noreferrer\">https:\/\/t.co\/fbiHV5LR6H<\/a><\/p>\n<p>\u2014 BleepingComputer (@BleepinComputer) <a href=\"https:\/\/twitter.com\/BleepinComputer\/status\/1277232828011479040?ref_src=twsrc%5Etfw\">June 28, 2020<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Above tweet refers to <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/chinese-malware-used-in-attacks-against-australian-orgs\/\" target=\"_blank\" rel=\"noopener noreferrer\">this article<\/a> by Bleeping Computer, which contains further details about this case. The Australian government issued a security alert at the end of last week about increased cyber-activity by a state actor against networks belonging to Australian government agencies and businesses.<\/p>\n<p>Behind the attack is a \"sophisticated\" adversary who relies on slightly modified proof-of-concept attack code for vulnerabilities from the past, the government says in the warning, unofficially pointing the finger at China as the culprit. The attacker is targeting a publicly accessible infrastructure with exploits of remote code execution (RCE) techniques. So I automatically ask myself: How trustworthy can Chinese software be?<\/p>\n","protected":false},"excerpt":{"rendered":"<p>[German]Today a short collective article about China, state hackers, espionage and software products. There have been attacks on Australia and spyware has been found in a Chinese control software. Both cases point to state hackers from China as originators.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[580,1547],"tags":[69,1544,2165],"class_list":["post-14886","post","type-post","status-publish","format-standard","hentry","category-security","category-software","tag-security","tag-software","tag-spyware"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/14886","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=14886"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/14886\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=14886"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=14886"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=14886"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}