Japan identifies a Chinese hacker group as the source of 210 attacks since 2019

The Japanese government has now identified a Chinese hacker group — dubbed “MirrorFace” and likely working with government support and direction — as the source of 210 attacks from 2019 to 2024.

Investigations by the agency’s National Cyber Department and police nationwide found that the malware used by MirrorFace was similar to that employed by the “APT10 Group,” a hacker organization said to be associated with China’s Ministry of State Security.

The targets also aligned with China’s areas of interest and the attacks coincided with Chinese working hours, ceasing during the country’s long holidays, police noted.

Though Japan’s space agency JAXA was a major target, it appears the hackers had many successes with other government agencies, including those related to national security.

This story only adds weight to the previous reports [pdf] of Chinese hacks of JPL, whereby China got the plans of our Spirit and Opportunity Mars rovers and used that information to design Zhurong, its first rover to go to Mars.