Uptime Hamster: 1d 0h 13mDeploy: 13 Jul 2026 10:50Updated: 2026-07-14
Logo del actor de amenaza Operation LiberalFace

Operation LiberalFace

0 incidentes 0 paises 0 sectores apt CN Ultimo: -
Aliases: lodeinfo, mirrorstealer
Ver en IntelTracker → APTTrail →
Operation LiberalFace is a cyberespionage campaign launched in late June 2022 by the Chinese-speaking APT group MirrorFace, also known as Earth Kasha. This campaign specifically targeted Japanese political entities, focusing on members of a particular political party in the weeks leading up to the July 2022 House of Councillors election. MirrorFace is primarily motivated by espionage and the exfiltration of sensitive information, a consistent objective for the group, which has been active since at least 2019. A key distinguishing feature of this operation was the use of a previously undocumented credential stealer named MirrorStealer, deployed alongside their flagship LODEINFO backdoor. While some speculate about MirrorFace's ties to APT10, ESET researchers track it as a distinct entity.

Aliases del actor

lodeinfomirrorstealer

Actores similares

lodeinfoactor · 1Operation Wocaoapt · 1influence-operationsactor · 1Operation Ghostwriterapt · 0Operation C-Majorapt · 0Operation Silent Skimmerapt · 0Operation Cobalt Whisperapt · 0Operation RusticWebapt · 0Operation Olympic Gamesapt · 0Operation SalmonSlalomapt · 0
Motivacion