
Cybercrime, organizations worldwide hit by two Agent Tesla campaigns

Cyber security experts: Cybercrime is trying to hit companies worldwide with Agent Tesla through two malspam campaigns

Cybercrime is trying to hit companies worldwide with Agent Tesla through two malspam campaigns, several cyber security experts have reported. In the first, the malware is distributed via an email from a fake firm that asks the victim for the best offer on a product illustrated in the attachment. In reality, the attachment is a .gz archive and a malicious executable file. In the second, the email subject is a notification from Cloud Inventory. There is no attachment, but a malicious link in the text starts the same process (.gz archive and exe file). In both cases, the malware steals the victim’s sensitive information and exfiltrates it over the SMTP protocol. Moreover, in both samples the sender address is generic (in the first formally from Equatorial Guinea, in the second from Mali).
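A mail-gateway check for the attachment variant described above, as an added example that is not part of the original article: it flags any attachment that is a gzip stream whose decompressed content begins with the `MZ` header of a Windows executable. It assumes the executable sits inside the .gz archive; the function names, the file names and the sample message are constructed for illustration.

```python
import gzip
import zlib
from email import message_from_bytes, policy
from email.message import EmailMessage

GZIP_MAGIC = b"\x1f\x8b"   # first two bytes of every gzip stream
MZ_MAGIC = b"MZ"           # first two bytes of a Windows PE/EXE file
MAX_PEEK = 4096            # decompress only a small prefix (guards against decompression bombs)

def gzip_prefix(data, limit=MAX_PEEK):
    """Return at most `limit` decompressed bytes of a gzip stream, or b'' if it is invalid."""
    try:
        return zlib.decompressobj(wbits=31).decompress(data, limit)  # wbits=31: gzip container
    except zlib.error:
        return b""

def flag_gz_executables(raw_eml):
    """Return (filename, reason) for each attachment that is a gzip archive wrapping an executable."""
    msg = message_from_bytes(raw_eml, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        payload = part.get_payload(decode=True) or b""
        # Trust the content, not the declared MIME type or file extension.
        if not payload.startswith(GZIP_MAGIC):
            continue
        if gzip_prefix(payload).startswith(MZ_MAGIC):
            findings.append((part.get_filename() or "<unnamed>", "gzip wraps MZ/PE executable"))
    return findings

def build_sample_eml():
    """Constructed sample: one harmless .gz and one .gz wrapping a fake 'MZ' stub (not real malware)."""
    msg = EmailMessage()
    msg["From"] = "sales@example.invalid"
    msg["To"] = "buyer@example.invalid"
    msg["Subject"] = "Request for best offer"
    msg.set_content("Please quote your best offer for the attached product.")
    fake_exe = MZ_MAGIC + b"\x00" * 62
    msg.add_attachment(gzip.compress(fake_exe), maintype="application",
                       subtype="gzip", filename="offer.gz")
    msg.add_attachment(gzip.compress(b"plain text notes"), maintype="application",
                       subtype="gzip", filename="notes.gz")
    return msg.as_bytes()

if __name__ == "__main__":
    for name, reason in flag_gz_executables(build_sample_eml()):
        print(f"{name}: {reason}")
```

The second campaign delivers the archive through a link rather than an attachment, so the same content check would have to run where the download is inspected, for example at a web proxy.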
