MirrorFace updates toolset, expands reach to Europe

Posted on by

The group’s Operation AkaiRyū begins with targeted spearphishing emails that use the upcoming World Expo 2025 in Osaka, Japan, as a lure

Editor

18 Mar 2025

The China-aligned MirrorFace APT group has targeted a Central European diplomatic institute, marking the first time this China-aligned APT group has attempted to infiltrate an entity in Europe, ESET research has found.

In keeping with its previous campaigns, Operation AkaiRyū (which is Japanese for RedDragon) begins with carefully crafted spearphishing emails that, if successful, attempt to leverage legitimate applications and tools to install malware.

What else is there to know about the campaign’s tactics, techniques, and procedures? Learn from ESET Chief Security Evangelist Tony Anscombe in the video and make sure to read the full blogpost.

Connect with us on Facebook, XLinkedIn and Instagram.