FoggyWeb

Description

(Microsoft) FoggyWeb is a passive and highly targeted backdoor capable of remotely exfiltrating sensitive information from a compromised AD FS server. It can also receive additional malicious components from a command-and-control (C2) server and execute them on the compromised server.

Names

Name
FoggyWeb

Category

Malware

Type

• Backdoor
• Info stealer
• Exfiltration

Information

• https://www.microsoft.com/security/blog/2021/09/27/foggyweb-targeted-nobelium-malware-leads-to-persistent-backdoor/

Mitre Attack

• https://attack.mitre.org/software/S0661/

Other Information

Uuid

3ed49155-5353-44ac-aadc-f29df4e720c2

Last Card Change

2022-12-30