Tokyo, January 10, 2025 –MirrorFace, linked to APT10, is targeting Japan with advanced malware like ANEL and NOOPDOOR, using sandbox evasion and phishing tactics to breach defenses.
Japan’s National Police Agency (NPA) and the National Center of Incident Readiness and Strategy for Cybersecurity (NCSC) have uncovered a multi-year operation by the China-linked cyber threat actor MirrorFace.
Using advanced malware like ANEL and NOOPDOOR, the group has bypassed antivirus defenses, leaving organizations across Japan vulnerable. An NPA spokesperson said:
MirrorFace is exploiting every opportunity to breach systems and steal critical information. Their use of sandbox evasion is particularly alarming.
Active since 2019, MirrorFace, believed to be a subgroup of the infamous APT10, has targeted sectors ranging from academia to aerospace. By leveraging vulnerabilities in tools like Citrix and Fortinet, the group has executed sophisticated campaigns.
Their spear-phishing emails deliver malware payloads, including the infamous ANEL and NOOPDOOR, which evade detection and enable remote system control. Eli Smadja, a security expert stated:
This campaign’s sophistication highlights the evolution of cyberattacks. The use of sandbox evasion ensures malicious activities leave no trace.
The attacks, categorized into three campaigns, have evolved to include the use of Visual Studio Code remote tunnels, enabling covert operations. Notably, by executing malware within Windows Sandbox, attackers erased all evidence after system shutdowns.
Japanese authorities have urged organizations to strengthen their defenses and remain vigilant against phishing attempts. The implications are dire, as these cyberattacks not only jeopardize national security but also undermine critical industries.
Other News At VPNRanks
Hey, wait!
Stay informed on the latest privacy updates, cybersecurity insights, and internet freedom news by following VPNRanks news daily! As your primary resource for critical updates in online security, we ensure you’re always in the know. Make VPNRanks your go-to guide for safeguarding your digital life.
