Mirror Protocol

Mirror Protocol, also known as Mirror Finance, operates with its headquarters located in South Korea. While specific details regarding its core products, services, market scope, operational scale, or organizational structure are not available within the provided context, the organization is recognized within the cybersecurity landscape primarily due to documented security incidents impacting its user base. The absence of explicit information prevents elaboration on its primary business functions, target markets, size, reach, distinguishing specializations, competencies, or ownership structure.

A significant known incident involving Mirror Protocol users occurred on May 30, 2022. Threat actors executed a sophisticated WhatsApp OTP scam specifically targeting users in India. This attack exploited a telecom service request mechanism for call forwarding. Attackers deceived victims into enabling call forwarding to a number they controlled. Subsequently, when the attackers initiated the WhatsApp account registration process for the victim's number, the system requested an OTP via a phone call. Because call forwarding was active, this OTP call was redirected to the attacker's phone, enabling them to capture the code and gain unauthorized control over the victim's WhatsApp account. This incident highlights a specific vulnerability vector leveraged against users associated with Mirror Protocol in a particular geographic region.