Security Experts:

FBI Investigating Alleged ZTE Corp. Cover-up

After Reuters reported that China’s ZTE Corp (ZTEC) had sold monitoring equipment to Iran, in addition to software and technological goods manufactured in the U.S. – something that is forbidden under trade embargos – the Department of Commerce initiated an investigation. Now, according to an FBI affidavit, it has emerged that ZTE Corp went out of its way to impede the Department of Commerce’s inquiry.

According to the FBI, ZTE’s General Counsel in the U.S. – Ashley Kyle Yablon – was instructed to work with the export compliance attorney from the main office in China in order to “identify ways pursuant to U.S. law that ZTEC could sell phones containing U.S.-manufactured components to banned countries.”

The proposed solution was the creation of various sub-companies that would purchase the U.S.-made goods (8 Star Beijing), in order to sell them to other sub-companies that were not blocked by embargo. Those secondary sub-companies (ZTEC Persian) would in turn integrate the equipment into products that would be sold to Iran. Such was the case in the story Reuters broke. [Seen here.]

As mentioned, once the Reuters story broke, the Department of Commerce launched an investigation and subpoenaed ZTEC for their contract with the Iranian telecommunications company (government owned TCI) which purchased the monitoring equipment from the ZTEC subsidiary, along with the other U.S.-embargoed products, including equipment from Dell, HP, Juniper, Cisco and software from Oracle, Symantec, and Microsoft.

The FBI affidavit says that when the story broke, management at ZTEC was concerned about the details contained with in the report, including the packing list that exposed the illegal sale of embargoed goods, as they could no longer “hide anything.”

From there, the FBI says that ZTEC “engaged in an ongoing attempt to corruptly obstruct and impede” the Department of Commerce’s investigation.

The Smoking Gun has the full story and a copy of the FBI’s affidavit. 

Earlier this year, ZTE's mobile handset division was found to have shipped Android smartphones to the U.S. with a fully enabled backdoor. The news was later confirmed by ZTE and explained as a "vulnerability", not a purpose-built backdoor.

Steve Ragan is a security reporter and contributor for SecurityWeek. Prior to joining the journalism world in 2005, he spent 15 years as a freelance IT contractor focused on endpoint security and security training.