MirrorFace aims for high‑value targets in Japan – Week in security with Tony Anscombe

by admin 0 Comments

Cyber Security
Share on Facebook
Share on Twitter
Share on Pinterest
Share on LinkedIn
Share on Facebook
Share on Twitter
Share on Pinterest
Share on LinkedIn

The group’s proprietary backdoor LODEINFO delivers additional malware, exfiltrates credentials, and steals documents and emails

This week, the ESET research team published their findings about a spearphishing campaign that the Chinese-speaking threat actor MirrorFace launched in Japan and that mainly focused on members of a specific Japanese political party. The campaign – which ESET Research has named Operation LiberalFace and which occurred in the lead-up to the House of Councillors elections in July 2022 – involved the group’s flagship backdoor LODEINFO. The backdoor, which is the group’s s proprietary malware deployed exclusively against targets in Japan, was used to deliver additional malware, exfiltrate the victims’ credentials, and steal the victims’ documents and emails.

To learn more about the attacks and the group’s targets and tactics, read the full blog: Unmasking MirrorFace: Operation LiberalFace targeting Japanese political entities.

This article was originally published by Welivesecurity.com. Read the original article here.
Share on Facebook
Share on Twitter
Share on Pinterest
Share on LinkedIn

Products You May Like

Articles You May Like

Unsecured Tunneling Protocols Expose 4.2 Million Hosts, Including VPNs and Routers
Critical Flaws in WGS-804HPT Switches Enable RCE and Network Exploitation
Star Blizzard Targets WhatsApp in New Campaign
Mirai Variant Murdoc Botnet Exploits AVTECH IP Cameras and Huawei Routers
New Mirai Malware Variant Targets AVTECH Cameras, Huawei Routers

Leave a Reply

Your email address will not be published. Required fields are marked *