You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
⚠️ Please include as much detail as possible. Please do not submit any private, sensitive, and/or proprietary information.
Contributor Name: Syne0
RogueApp Name: Fastmail
RogueApp ID: 77468577-4f6e-40e7-b745-11d3d0c28095
RogueApp Description: Fastmail is an alternative email service that allows export from various email providers, including Microsoft365. If a malicious party consents to Fastmail with an account, all email is exfiltrated to an attacker-controlled Fastmail account, with the option to continue to exfiltrate email post-consent.
Permissions:
Microsoft Graph: openid (Delegated)
Microsoft Graph: email (Delegated)
Microsoft Graph: offline_access (Delegated)
Microsoft Graph: IMAP.AccessAsUser.All (Delegated)
Microsoft Graph: SMTP.Send (Delegated)
Tags: Persistence, Exfiltration
MITRE ATT&CK IDs: T1114.002, T1567.002, T1136.003 or T1098.001 could be either or both
The RogueApp specification is defined in types.ts. Please submit as much information as you can for each field (it does not have to be 100% complete but please submit everything you can!)
The text was updated successfully, but these errors were encountered:
Microsoft Graph: openid (Delegated)
Microsoft Graph: email (Delegated)
Microsoft Graph: offline_access (Delegated)
Microsoft Graph: IMAP.AccessAsUser.All (Delegated)
Microsoft Graph: SMTP.Send (Delegated)
Reference
The RogueApp specification is defined in types.ts. Please submit as much information as you can for each field (it does not have to be 100% complete but please submit everything you can!)
The text was updated successfully, but these errors were encountered: