6beer · @6beer
7 followers · 41 posts · Server infosec.exchange```
For the digital processing of value-added tax (VAT) returns, the Chinese government has implemented the Golden Tax the Chinese government has implemented the Golden Tax program. Companies operating in China are required to use the #GoldenTax software to file their VAT returns. However, the Golden Tax software is not directly distributed by the distributed by the government, but by two companies, Baiwang and Aisino, which integrate it into their products. It seems that
that the selection of either of these vendors is decided by the companies' Chinese banks.
On June 25, 2020, Singaporean cybersecurity firm #Trustwave published a report [3] revealing that the installation of Chinese VAT management software Aisino Intelligent Tax led to the deployment of what amounts to a backdoor, dubbed "#GoldenSpy" by the vendor. Two hours after the installation of the VAT management software, codes are downloaded and then silently executed. They have persistence mechanisms, communicate at a random frequency with a remote server and allow the execution of arbitrary codes with system administrator privileges without user interaction.
```
https://www.cert.ssi.gouv.fr/uploads/CERTFR-2022-CTI-006.pdf #anssi #InfoSec
#goldentax #trustwave #GoldenSpy #anssi #infosec
6beer · @6beer
20 followers · 138 posts · Server infosec.exchange```
For the digital processing of value-added tax (VAT) returns, the Chinese government has implemented the Golden Tax program. Companies operating in China are required to use the #GoldenTax software to file their VAT returns. However, the Golden Tax software is not directly distributed by the distributed by the government, but by two companies, Baiwang and Aisino, which integrate it into their products. It seems that
that the selection of either of these vendors is decided by the companies' Chinese banks.
On June 25, 2020, Singaporean cybersecurity firm #Trustwave published a report [3] revealing that the installation of Chinese VAT management software Aisino Intelligent Tax led to the deployment of what amounts to a backdoor, dubbed "#GoldenSpy" by the vendor. Two hours after the installation of the VAT management software, codes are downloaded and then silently executed. They have persistence mechanisms, communicate at a random frequency with a remote server and allow the execution of arbitrary codes with system administrator privileges without user interaction.
```
https://www.cert.ssi.gouv.fr/uploads/CERTFR-2022-CTI-006.pdf #anssi #InfoSec
#goldentax #trustwave #GoldenSpy #anssi #infosec