SLOWPULSE (37e264a6-5ad3-5a79-bf2c-db725622206e)
SLOWPULSE is a malware that was used by APT5 as early as 2020 including against U.S. Defense Industrial Base (DIB) companies. SLOWPULSE has several variants and can modify legitimate Pulse Secure VPN files in order to log credentials and bypass single and two-factor authentication flows.[Mandiant Pulse Secure Zero-Day April 2021]
Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
---|---|---|---|---|
APT5 (f46d6ee9-9d1d-586a-9f2d-6bff8fb92910) | Tidal Groups | SLOWPULSE (37e264a6-5ad3-5a79-bf2c-db725622206e) | Tidal Software | 1 |