[New RogueApp]: Teleforge Directory #31
Description
⚠️ Please include as much detail as possible. Please do not submit any private, sensitive, and/or proprietary information.
- Contributor Name: halpcomputar
- RogueApp Name: Teleforge Directory
- RogueApp ID: 1a9b8d93-0d60-4835-896f-83016de95ff5
- RogueApp Description: Used for BEC. Installed shortly after breach and after an additional MFA authentication device was added, data collected for a week, then emails sent out
- App Owner Organization ID: aa68a5d2-2ee2-4ff7-8193-3d037ab704b1
- App Publisher Name: [Unknown - deleted before recorded]
- App Publisher ID: [Unknown - deleted before recorded]
- Permissions: Mail.Read offline_access User.ReadBasic.All Mail.ReadWrite Mail.Send MailboxSettings.ReadWrite
- Tags: BEC
- MITRE ATT&CK IDs: T1119
- References: Unable to find documentation on Teleforge Directory at this time. Application was installed to compromised user's account on 2/5/25, email data collected, and further BEC emails sent from the affected user on 2/11/25
- Date Added: 2/5/25
Reference
The RogueApp specification is defined in types.ts. Please submit as much information as you can for each field (it does not have to be 100% complete but please submit everything you can!)