New Frebniis Malware Abuses IIS Features for Secret Communications
There’s a new malware threat to Microsoft Internet Information Services (IIS) servers dubbed Frebniss. Discovered by Symantec’s Threat Hunter Team, the malware abuse ‘Failed Request Event Buffering’ (FREB) feature of IIS that is responsible for collecting request metadata such as IP addresses, HTTP headers, and cookies. By abusing the FREB component, it becomes relatively easier for hackers to evade detection.