MirrorBlast (Malware Family)

MirrorBlast

Actor(s): TA505

According to Minerva Labs, MirrorBlast malware is a trojan that is known for attacking users’ browsers. It usually pretends to be a legitimate browser add-on however it has now evolved additional capabilities, whereby other malwares are installed simultaneously. Recently, this trojan is thought to have tentative links to TA505 and PYSA groups.

References

2021-10-19 ⋅ Proofpoint ⋅ Axel F, Brandon Murphy, Crista Giering, Georgi Mladenov, Matthew Mesa, Zydeca Cass
Whatta TA: TA505 Ramps Up Activity, Delivers New FlawedGrace Variant
FlawedGrace MirrorBlast

2021-10-14 ⋅ Morphisec ⋅ Arnold Osipov
Explosive New MirrorBlast Campaign Targets Financial Companies
MirrorBlast

2021-10-05 ⋅ FRSecure ⋅ Oscar Minks
The REBOL Yell: A New Novel REBOL Exploit
MirrorBlast

2021-09-24 ⋅ Proofpoint ⋅ Proofpoint
Daily Ruleset Update Summary 2021/09/24
MirrorBlast

2021-09-19 ⋅ HP ⋅ Patrick Schläpfer
MirrorBlast and TA505: Examining Similarities in Tactics, Techniques and Procedures
MirrorBlast

There is no Yara-Signature yet.

MirrorBlast Propose Change

References

MirrorBlast