New Agent Tesla variant steals passwords from web browsers & VPNs


The new variant of Agent Tesla is equipped with many sophisticated features, including credential-stealing modules.

 

According to Jim Walter, senior threat researcher at SentinelOne, a new variant of the Agent Tesla malware has surfaced. It is equipped with credential-stealing modules and can steal passwords from email clients, VPN software, web browsers, Wi-Fi networks, and FTP, in addition to many popular apps.


The new variant is specifically programmed to steal login credentials from Microsoft Outlook, Microsoft Edge, OpenVPN, and browsers, including Chrome, Safari, Opera, Mozilla Thunderbird, and Firefox.


Agent Tesla is a remote access trojan (RAT) that researchers believe was among the most prevalent malware families threatening enterprises early in 2020. It was used even more than the Emotet, Dridex, and TrickBot malware.


Agent Tesla was first discovered in 2014, and the malware has undergone steady growth over the past two years. Initially, Agent Tesla was sold on commonly used hacker forums and marketplaces.


 


The malware's developers sold it through the now-defunct website AgentTesla (dot) com, where it was sold directly to individual customers along with management panels that let them quickly sort the collected data. Although the malware is over six years old, its continuous evolution is a cause of concern for security researchers.



Screenshot of Agent Tesla’s official website (Image: Hackread.com)



During the COVID-19 pandemic, the malwar ..
