Click to Skip Ad
Closing in...
  1. Screwdriver Set Amazon
    13:47 Deals

    Amazon shoppers rave about this 22-in-1 screwdriver set that’s down to $18 today

  2. Surge Protector Amazon
    15:01 Deals

    Brilliant $30 Amazon find expands a power outlet without an ugly power strip

  3. Kasa Smart Home Sale
    12:05 Deals

    Amazon’s massive Kasa smart home sale has deeper discounts than Prime Day

  4. Best Deals on Amazon
    07:53 Deals

    Best Deals on Amazon (July 2021)

  5. Amazon Deals
    10:12 Deals

    Today’s top deals: $50 soundbar, Alexa in your car for $20, $90 Ring Doorbell 2, $23…

An old password-stealing malware called Agent Tesla is back and nastier than ever

June 9th, 2021 at 7:11 PM
Cybersecurity news

A new version of the remote access Trojan known as Agent Tesla has resurfaced, this time distributing what researchers have found is an updated version of the malware by using an infected email attachment that aims to steal everything from username and password credentials to a victim’s cryptocurrency.

This malware is actually pretty common and has been around since at least 2014. Researchers at Fortinet in a newly published threat research report note that it’s via a Microsoft Excel document attached to a spam email whereby the malware downloads and executes several pieces of code. “This malware,” the researchers explain, “is used to hijack bitcoin address information and deliver a new variant of Agent Tesla onto the victim’s device.” Regarding Agent Tesla, the researchers continue: “Most attackers like to spread malware in phishing emails. As a result, new phishing campaigns are detected every day by FortiGuard Labs. People should be more careful when opening files attached to email.”

Today's Top Deal Control your garage door from anywhere with your smartphone or Alexa! List Price:$29.98 Price:$19.98 You Save:$10.00 (33%) Buy Now Available from Amazon, BGR may receive a commission Available from Amazon BGR may receive a commission

Per reporting from ZDNet, the email that’s used as a vector for this attack is crafted to resemble a legitimate business email, with one such sample malicious email as part of this campaign including an Excel attachment titled “Order Requirements and Specs” that the recipient is asked to open. Once they do so, Agent Tesla is downloaded onto the victim’s machine.

Earlier this year, Sophos researchers warned that Agent Tesla is a particularly resilient and pernicious threat. “For many months, it has remained among the top families of malware in malicious attachments caught by Sophos. Because of this sustained stream of Agent Tesla attacks, we believe that the malware will continue to be updated and modified by its developers to evade endpoint and email protection tools.” It was also noted that among the new abilities of this updated Agent Tesla variant is that it can now take data from the Windows clipboard, in addition to the number of applications it can target having been expanded “considerably.”

The protections that are recommended to help keep users safe from threats like these are the same as always and no surprise. Sophos, for example, notes that the email accounts used to spread Agent Tesla tend to be legitimate accounts that have been compromised. For that reason, one should never click open an email thoughtlessly, nor automatically open any attachments those emails contain. “Organizations and individuals should, as always, treat email attachments from unknown senders with caution, and verify attachments before opening them,” Sophos adds.

Related coverage:

Today's Top Deal Amazon's Fire TV Stick 4K just got a surprise 20% discount! List Price:$49.99 Price:$39.99 You Save:$10.00 (20%) Buy Now Available from Amazon, BGR may receive a commission Available from Amazon BGR may receive a commission

Andy is a reporter in Memphis who also contributes to outlets like Fast Company and The Guardian. When he’s not writing about technology, he can be found hunched protectively over his burgeoning collection of vinyl, as well as nursing his Whovianism and bingeing on a variety of TV shows you probably don’t like.

Popular News