สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์
Electronic Transactions Development Agency

Report

Home > List all groups > List all tools > List all groups using tool MirrorBlast

Threat Group Cards: A Threat Actor Encyclopedia

Tool: MirrorBlast

Names	MirrorBlast
Category	Malware
Type	Downloader, Loader
Description	According to Minerva Labs, MirrorBlast malware is a trojan that is known for attacking users’ browsers. It usually pretends to be a legitimate browser add-on however it has now evolved additional capabilities, whereby other malwares are installed simultaneously. Recently, this trojan is thought to have tentative links to TA505 and PYSA groups.
Information	<https://www.proofpoint.com/us/blog/threat-insight/whatta-ta-ta505-ramps-activity-delivers-new-flawedgrace-variant> <https://frsecure.com/blog/the-rebol-yell-new-rebol-exploit/>
Malpedia	<https://malpedia.caad.fkie.fraunhofer.de/details/win.mirrorblast>

Last change to this tool card: 30 November 2023

Download this tool card in JSON format

All groups using tool MirrorBlast

Changed	Name	Country	Observed
APT groups
	TA505, Graceful Spider, Gold Evergreen		2006-Nov 2022

1 group listed (1 APT, 0 other, 0 unknown)

Digital Service Security Center
Electronic Transactions Development Agency

Follow us on

Report incidents

+66 (0)2-123-1227

[email protected]