mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-22 23:07:19 +00:00
[threat-actors] Add MirrorFace
This commit is contained in:
parent
179afe9715
commit
622d67eb38
1 changed files with 13 additions and 0 deletions
|
@ -13000,6 +13000,19 @@
|
||||||
},
|
},
|
||||||
"uuid": "615311f0-58d4-4d1d-ac86-6ba86d119317",
|
"uuid": "615311f0-58d4-4d1d-ac86-6ba86d119317",
|
||||||
"value": "KAX17"
|
"value": "KAX17"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "MirrorFace is a Chinese-speaking advanced persistent threat group that has been targeting high-value organizations in Japan, including media, government, diplomatic, and political entities. They have been conducting spear-phishing campaigns, utilizing malware such as LODEINFO and MirrorStealer to steal credentials and exfiltrate sensitive data. While there is speculation about their connection to APT10, ESET currently track them as a separate entity.",
|
||||||
|
"meta": {
|
||||||
|
"country": "CN",
|
||||||
|
"refs": [
|
||||||
|
"https://www.welivesecurity.com/2022/12/14/unmasking-mirrorface-operation-liberalface-targeting-japanese-political-entities/",
|
||||||
|
"https://web-assets.esetstatic.com/wls/2023/01/eset_apt_activity_report_t32022.pdf",
|
||||||
|
"https://blog.sekoia.io/my-teas-not-cold-an-overview-of-china-cyber-threat/"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "e992d874-604b-4a09-9c6c-0319d5be652a",
|
||||||
|
"value": "MirrorFace"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 294
|
"version": 294
|
||||||
|
|
Loading…
Reference in a new issue