The announcement was released by CISA, the Department of Defense Cyber Command (CyberCom) and the Federal Bureau of Investigation (FBI).
The three companies have recently started working together to release joint reports on new threats emerging in the Internet. The first joint alert was issued in February, when the three companies warned of six new malware executives developed by hacker of North Korea.
However, their latest joint warning warns of a new one malware from China.
It is called Taidoor and has versions for 32 and 64-bit systems and is usually installed on a victim system as a DLL. This DLL contains two other files.
"The first file is one loader, which starts as a service. The loader decrypts the second file and executes it in memory, which is the main one Remote Access Trojan (RAT). ”
Taidoor RAT is then used to allow Chinese hackers to access infected systems and infiltrate data or develop other malicious programs.
The FBI says that Taidoor is usually developed in conjunction with proxy servers, to hide the malicious operator's actual source of origin.
According to the announcement, this is a new malware executive, however in a tweet the US government administration stated that the malware has been released silently on victims' networks for at least 12 years, since 2008.
The three companies also presented a joint malware analysis report, which contains suggested mitigation techniques and suggested response actions for organizations that want to improve their detection, prevent infections, or have already been infected and need to remove malware from their systems.
After the joint notice, the Florian Roth, its malware analyst Nextron Systems, said it had previously spotted samples of Taidoor, as of March 2019, but under the name Taurus RAT.