CirioMar 18, 2025

https://www.welivesecurity.com/en/eset-research/operation-akairyu-mirrorface-invites-europe-expo-2025-revives-anel-backdoor/

However, since the CEO didn’t have access to a machine running Windows, the CEO forwarded the email to two other employees.

Now, CEOs of the world, you know what to do to ward off intruders from your laptop :p

Operation AkaiRyū: MirrorFace invites Europe to Expo 2025 and revives ANEL backdoor

ESET researchers uncovered MirrorFace activity that expanded beyond its usual focus on Japan and targeted a Central European diplomatic institute with the ANEL backdoor.

Show threadCirio
Also, all this ninja work to go through #WindowsSandbox to escape detection to finally raise a huge red flag by communicating over #Tor. It probably made sense for this target but still, what a let down...
Mar 18, 2025 at 10:02pmWeb