MirrorFace Group Conducts Cyberattacks on Japan Since 2019
/ 1 min read
🖥️🔍 Japan’s National Police Agency warns of persistent cyberattacks by China-linked group MirrorFace. The NPA and NCSC have accused MirrorFace, a subgroup of APT10, of conducting a sustained campaign against Japanese organizations since 2019, aiming to steal sensitive national security and technology information. The group has employed various tactics, including spear-phishing and exploiting vulnerabilities in network devices, to deliver malware such as ANEL and NOOPDOOR. Their operations are categorized into three major campaigns targeting think tanks, the semiconductor sector, and academia, utilizing advanced techniques to evade detection, including executing malware within Windows Sandbox environments. The ongoing threat underscores the need for heightened cybersecurity measures in Japan.
