The US Federal Bureau of Investigation (FBI) has warned US businesses to stop dealing with Chinese companies via government-mandated tax software.
According to the FBI report, Chinese businesses lie, cheat, and steal from American businesses.
FBI says that all foreign companies are required by local Chinese laws to install this particular piece of software in order to handle value-added tax (VAT) payments to the Chinese tax authority.
The FBI is warning that the malware gives whoever controls it the potential ability to “conduct remote code execution and exfiltration activities on the victim’s network,” according to the outlet.
The firm was working on behalf of an unidentified company with ties to the US, Australia, and UK that had only recently set up offices in China.
“We identified an executable file displaying highly unusual behavior and sending system information to a suspicious Chinese domain,” the firm said on June 25. “Discussions with our client revealed that this was part of their bank’s required tax software.”
The company had been required to use the software in order to pay local taxes. Trustwave said it was uncertain whether the malware was embedded in all of the tax software or if it was deployed against specific targets.