ETDA สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์
Electronic Transactions Development Agency
Report
Search
Home > List all groups > Operation LiberalFace, MirrorFace

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link APT group: Operation LiberalFace, MirrorFace

NamesOperation LiberalFace (ESET)
MirrorFace (ESET)
CountryChina China
MotivationInformation theft and espionage
First seen2022
Description(ESET) ESET researchers discovered a spearphishing campaign, launched in the weeks leading up to the Japanese House of Councillors election in July 2022, by the APT group that ESET Research tracks as MirrorFace. The campaign, which we have named Operation LiberalFace, targeted Japanese political entities; our investigation revealed that the members of a specific political party were of particular focus in this campaign. ESET Research unmasked details about this campaign and the APT group behind it at the AVAR 2022 conference at the beginning of this month.

This campaign may have been performed by Stone Panda, APT 10, menuPass.
ObservedSectors: Government.
Countries: Japan.
Tools usedLODEINFO, MirrorStealer.
Information<https://www.welivesecurity.com/2022/12/14/unmasking-mirrorface-operation-liberalface-targeting-japanese-political-entities/>

Last change to this card: 27 December 2022

Download this actor card in PDF or JSON format

Previous: Operation Layover
Next: Operation Manul

Digital Service Security Center
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1227
E-mail [email protected]