WARPWIRE (9a592b49-1701-5e4c-95cf-9b8c98b80527)
WARPWIRE is a Javascript credential stealer that targets plaintext passwords and usernames for exfiltration that was used during Cutting Edge to target Ivanti Connect Secure VPNs.[Mandiant Cutting Edge January 2024][Mandiant Cutting Edge Part 2 January 2024]
Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
---|---|---|---|---|
WARPWIRE (9a592b49-1701-5e4c-95cf-9b8c98b80527) | Tidal Software | UNC5221 (71e9b27e-8d68-4ed6-b3ab-14142558b9ff) | Tidal Groups | 1 |