Comment: Upgraded Agent Tesla malware steals passwords from browsers, VPNs

New variants of Agent Tesla remote access Trojan now come with modules dedicated to stealing credentials from applications including popular web browsers, VPN software, as well as FTP and email clients. Agent Tesla is a commercially available .Net-based info stealer with both remote access Trojan (RAT) and with keylogging capabilities active since at least 2014. This malware is currently very popular with business email compromise (BEC) scammers who use it to infect their victims for recording keystrokes and taking screenshots of compromised machines. It can also be used for stealing victims’ clipboard contents data, for collecting system information, and for killing anti-malware and software analysis processes.


EXPERTS COMMENTS
Stuart Sharp, VP of Solution Engineering,  OneLogin
August 12, 2020
Businesses should also consider moving away from their dependency on passwords.
Any malware with the capability of stealing passwords is very concerning given that they are traditionally a first line of defense for most websites and applications. It is even more concerning that they are able to steal passwords from VPNs which have become increasingly important in recent months for businesses functioning in the remote/hybrid working model ushered in by the COVID 19 pandemic. I ....
[Read More >>]

If you are an expert on this topic:

Submit Your Expert Comments


In this article