The article discusses the recent malware campaign linked to the MirrorFace threat actor, which has targeted a Central European diplomatic organization with a backdoor variant known as ANEL. Detecting this operation in late August 2024, ESET highlighted an unusual shift from targeting primarily Japanese entities to Europe. This change in tactics reflects broader goals within their cyber operations. The operation, named AkaiRyū, also reveals a return to using the ANEL backdoor after a hiatus, marking important developments in the threat landscape around APT10 activities.
The intrusion by the MirrorFace threat actor using ANEL highlights a shift in targeted victimology and tactics not previously seen in their operations.
ESET unveiled Operation AkaiRyū, emphasizing that MirrorFace's attack marks a significant deviation from its typical focus on Japanese entities, now targeting a European diplomatic organization.
Collection
[
|
...
]