New Agent Tesla Variants can Bypass Security Walls

Agent Tesla has been undergoing continuous improvements, and now its operators have established a new benchmark. The newest variants of Agent Tesla can target scanning and analysis software designed to prevent malware infections from taking hold.

About the variants

According to Sophos researchers, Agent Tesla operators have been targeting the Microsoft Antimalware Scan Interface (AMSI) software to degrade its defenses and remove endpoint protection at the point of execution.

  • The two new variants, labeled Tesla 2 (v2) and 3 (v3), add enhanced obfuscation and target an increased number of applications for credential theft, such as Opera, Chromium, Chrome, Firefox, OpenVPN, and Outlook.
  • In addition, the new variants give operators the option to use the Tor client and Telegram’s messaging API when connecting to C2 servers.
  • The full deployment of the malware can enable an attacker to take screenshots, log keyboard input, steal data saved on clipboards, and grab credentials from apps, browsers, email clients, and others.

Agent Tesla thriving

Agent Tesla operators have been making steady progress with the malware, be it with its capabilities or the number of targeted victims.

  • According to Sophos researchers, in December 2020, Agent Tesla payloads accounted for approximately 20% of all malicious email attachments.
  • In the same month, the malware got an update with expanded targeting and improved data exfiltration capabilities, including the ability to scoop up credentials for web browsers, emails, VPNs, and other services.

Conclusion

The new Agent Tesla versions appear to be focused on improving the malware's success rate against malware defenses and scanners, and on giving operators more C2 options. Such consistent updates have helped it remain among the top malware families.

Source: https://cyware.com/news/new-agent-tesla-variants-can-bypass-security-walls-102102e5

Copyright © 2023 Newsworthy News