MirrorBlast (Malware Family)
By Fraunhofer FKIE
Archived: 2026-04-05 19:52:03 UTC
win.mirrorblast (Back to overview)
MirrorBlast
Actor(s): TA505
According to Minerva Labs, MirrorBlast malware is a trojan that is known for attacking users’ browsers. It usually
pretends to be a legitimate browser add-on however it has now evolved additional capabilities, whereby other
malwares are installed simultaneously. Recently, this trojan is thought to have tentative links to TA505 and PYSA
groups.
References
2021-10-19 ⋅ Proofpoint ⋅ Axel F, Brandon Murphy, Crista Giering, Georgi Mladenov, Matthew Mesa, Zydeca Cass
Whatta TA: TA505 Ramps Up Activity, Delivers New FlawedGrace Variant
FlawedGrace MirrorBlast
2021-10-14 ⋅ Morphisec ⋅ Arnold Osipov
Explosive New MirrorBlast Campaign Targets Financial Companies
MirrorBlast
2021-10-05 ⋅ FRSecure ⋅ Oscar Minks
The REBOL Yell: A New Novel REBOL Exploit
MirrorBlast
2021-09-24 ⋅ Proofpoint ⋅ Proofpoint
Daily Ruleset Update Summary 2021/09/24
MirrorBlast
2021-09-19 ⋅ HP ⋅ Patrick Schläpfer
MirrorBlast and TA505: Examining Similarities in Tactics, Techniques and Procedures
MirrorBlast
There is no Yara-Signature yet.
https://malpedia.caad.fkie.fraunhofer.de/details/win.mirrorblast
Page 1 of 2

Source: https://malpedia.caad.fkie.fraunhofer.de/details/win.mirrorblast
https://malpedia.caad.fkie.fraunhofer.de/details/win.mirrorblast
Page 2 of 2