Storm-1175 Group Uses GoAnywhere Exploit to Spread Medusa Ransomware, Microsoft Reveals
By VELSICURO
13 October 2025

The Beijing Institute of Electronics Technology and Application (BIETA), a Chinese entity that has existed since 1983, is strongly suspected of being controlled by China's Ministry of State Security (MSS). This assessment from Recorded Future is backed by evidence showing links between at least four BIETA personnel, named as Wu Shizhong, He Dequan, You Xingang, and Zhou Linna, and MSS officers, as well as the institute's connection to the University of International Relations, which is known to share ties with the MSS.

Focus on Counter-Intelligence and Covert Technology

According to a report shared with The Hacker News, BIETA and its subsidiary, Beijing Sanxin Times Technology Co., Ltd. (CIII), research and develop technologies almost certainly aimed at supporting China's military, intelligence, and national security missions.

Their core activities include:

  • Steganography: Researching data concealment methods that can be used for covert communications (COVCOM) and malware deployment.
  • Equipment Development: Creating and selling counter-intelligence and forensic investigation equipment.
  • Foreign Technology Acquisition: Obtaining foreign technologies related to steganography, network penetration testing, and military communication and planning.

Technically, BIETA specializes in communication technology, multimedia information security, and computer network applications.

CIII Subsidiary Develops Advanced Surveillance Tools

The subsidiary CIII focuses heavily on developing steganography software and has also created various commercial applications for online use, such as tools for uploading files to Baidu Cloud/OneDrive and for network simulation.

However, CIII also develops tools with significant security implications:

  • Extensive Penetration Testing: They offer penetration testing services targeting almost all digital platforms, from websites, mobile applications, servers, databases, cloud platforms, to Internet of Things (IoT) devices.
  • Mobile Positioning System (2021): CIII worked on a tool named Intelligent Discussion Android App and a positioning system capable of identifying, monitoring, blocking, and even harvesting text messages and calls from mobile phones within large venues.

While public details on the extent to which these tools aid the MSS are limited, Recorded Future, which is owned by Mastercard, assesses that BIETA and CIII are almost certainly acting as front organizations that contribute to developing capabilities for cyber-enabled intelligence operations by the Beijing intelligence apparatus and its proxies.

Implications for MSS Operations

BIETA's research is almost certainly used to create technologies that enable the MSS's mission. The resulting capabilities are then likely distributed by the MSS to subordinate state security departments, bureaus, and officers, who in turn provide them to their contractors or proxies for use in operations.

This disclosure underscores a broader risk, highlighted by a recent incident in which a Chinese proxy service (WgetCloud/GaCloud) was also used in a cyber campaign orchestrated by the North Korean threat group known as Kimsuky: commercial-looking infrastructure is easily blended in and leveraged by Advanced Persistent Threat (APT) groups.

Source: https://thehackernews.com/2025/10/new-report-links-research-firms-bieta.html
