SYMBOLCOMMON_NAMEaka. SYNONYMS
win.mirrorblast (Back to overview)

MirrorBlast

Actor(s): TA505


According to Minerva Labs, MirrorBlast malware is a trojan that is known for attacking users’ browsers. It usually pretends to be a legitimate browser add-on however it has now evolved additional capabilities, whereby other malwares are installed simultaneously. Recently, this trojan is thought to have tentative links to TA505 and PYSA groups.

References
2021-10-19ProofpointAxel F, Brandon Murphy, Crista Giering, Georgi Mladenov, Matthew Mesa, Zydeca Cass
Whatta TA: TA505 Ramps Up Activity, Delivers New FlawedGrace Variant
FlawedGrace MirrorBlast
2021-10-14MorphisecArnold Osipov
Explosive New MirrorBlast Campaign Targets Financial Companies
MirrorBlast
2021-10-05FRSecureOscar Minks
The REBOL Yell: A New Novel REBOL Exploit
MirrorBlast
2021-09-24ProofpointProofpoint
Daily Ruleset Update Summary 2021/09/24
MirrorBlast
2021-09-19HPPatrick Schläpfer
MirrorBlast and TA505: Examining Similarities in Tactics, Techniques and Procedures
MirrorBlast

There is no Yara-Signature yet.