Cyber Resilience

Campaign · all campaigns

Operation AkaiRyūC0060 unknown

aka Operation AkaiRyū, AkaiRyū

Last updated: 2026-07-03

0attributed CVEs
40ATT&CK techniques
0.0IDF score (tooling uniqueness)
0exclusive CVEs
years active

About this actor

[Operation AkaiRyū](https://attack.mitre.org/campaigns/C0060) (Japanese for RedDragon) was a cyberespionage spearphishing campaign conducted by [MirrorFace](https://attack.mitre.org/groups/G1054) between June and September 2024 against entities in Japan and Central Europe. [Operation AkaiRyū](https://attack.mitre.org/campaigns/C0060) notably included the first reported targeting of a European entity by [MirrorFace](https://attack.mitre.org/groups/G1054), as well as their use of [UPPERCUT](https://attack.mitre.org/software/S0275), which was thought to be exclusive to [menuPass](https://attack.mitre.org/groups/G0045).(Citation: ESET MirrorFace 2025)(Citation: Trend Micro Earth Kasha Anel NOV 2024)

Source: MITRE ATT&CK

Activity timeline

No activity events recorded.

Profile

CVERiskCVSSEPSSPublishedProducts
No attributed CVEs.

Mitigating controls (NIST 800-53)

ControlTechniques coveredCoverage
SI-422 / 4055%
CM-221 / 4052%
CM-621 / 4052%
SI-319 / 4048%
SI-714 / 4035%
CA-713 / 4032%
AC-612 / 4030%
CM-712 / 4030%
AC-311 / 4028%
SI-1011 / 4028%
AC-210 / 4025%
RA-510 / 4025%
SI-210 / 4025%
AC-179 / 4022%
CM-88 / 4020%

Co-occurring actors

None.

Similar actors