Home > List all groups > List all tools > List all groups using tool GLASSTOKEN

Threat Group Cards: A Threat Actor Encyclopedia

Names	GLASSTOKEN
Category	Malware
Type	Backdoor
Description	(Volexity) UTA0178 planted webshells on external-facing web servers in order to grant persistence to the customer environment. They could then use the webshells to execute commands on those devices. Only two variations of the same webshell were used in the attack.
Information	<https://www.volexity.com/blog/2024/01/10/active-exploitation-of-two-zero-day-vulnerabilities-in-ivanti-connect-secure-vpn/>
MITRE ATT&CK	<https://attack.mitre.org/software/S1117>

Last change to this tool card: 19 June 2024

Download this tool card in JSON format

1 group listed (1 APT, 0 other, 0 unknown)

APT groups