[threat-actors] Add MirrorFace

This commit is contained in:
Mathieu4141 2023-11-16 07:10:17 -08:00
parent 179afe9715
commit 622d67eb38

View file

@ -13000,6 +13000,19 @@
},
"uuid": "615311f0-58d4-4d1d-ac86-6ba86d119317",
"value": "KAX17"
},
{
"description": "MirrorFace is a Chinese-speaking advanced persistent threat group that has been targeting high-value organizations in Japan, including media, government, diplomatic, and political entities. They have been conducting spear-phishing campaigns, utilizing malware such as LODEINFO and MirrorStealer to steal credentials and exfiltrate sensitive data. While there is speculation about their connection to APT10, ESET currently track them as a separate entity.",
"meta": {
"country": "CN",
"refs": [
"https://www.welivesecurity.com/2022/12/14/unmasking-mirrorface-operation-liberalface-targeting-japanese-political-entities/",
"https://web-assets.esetstatic.com/wls/2023/01/eset_apt_activity_report_t32022.pdf",
"https://blog.sekoia.io/my-teas-not-cold-an-overview-of-china-cyber-threat/"
]
},
"uuid": "e992d874-604b-4a09-9c6c-0319d5be652a",
"value": "MirrorFace"
}
],
"version": 294