Skip to content

Hide Navigation Hide TOC

WARPWIRE (9a592b49-1701-5e4c-95cf-9b8c98b80527)

WARPWIRE is a Javascript credential stealer that targets plaintext passwords and usernames for exfiltration that was used during Cutting Edge to target Ivanti Connect Secure VPNs.[Mandiant Cutting Edge January 2024][Mandiant Cutting Edge Part 2 January 2024]

Cluster A Galaxy A Cluster B Galaxy B Level
WARPWIRE (9a592b49-1701-5e4c-95cf-9b8c98b80527) Tidal Software UNC5221 (71e9b27e-8d68-4ed6-b3ab-14142558b9ff) Tidal Groups 1