Agent Tesla Spyware Adds Fresh Tricks to Its Arsenal

2020-08-11 23:48

Since COVID-19 cast its pall in March, the Agent Tesla remote-access trojan has exploited the pandemic and added a raft of functionality that has helped it dominate the enterprise threat scene.

Though Agent Tesla first made a splash six years ago, it hasn't lost any momentum - in fact, it is featured in more attacks in the first half of 2020 compared to the infamous TrickBot or Emotet malware, according to SentinelOne's SentinelLabs.

Historically specializing in keylogging and data-stealing, Agent Tesla's new binaries offer "More robust spreading and injection methods as well as discovery and theft of wireless network details and credentials," Walter wrote.

In one campaign, Walter's team observed Agent Tesla dropping a copy of RegAsm.

"Attackers are continually evolving and finding new ways to use tools like Agent Tesla successfully while evading detection."

News URL

https://threatpost.com/agent-tesla-spyware-tricks-arsenal/158284/

#arsenal #spyware #tesla

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Tesla		6	3	5	1	0	9