
Cybercrime, new Agent Tesla campaign spreads via invoices

Technical analysis by the Malware Hunter JAMESWT

A new global receipt-themed Agent Tesla campaign. The email's zip attachment contains an exe file, the malware itself. It steals information and exfiltrates it via email.

A fake receipt is the lure in the latest global cybercrime campaign delivering Agent Tesla. The email attachment contains an exe file, the malware itself.

If opened, this starts the infection chain. Once inside the machine, the malware steals information, which it then exfiltrates via email.

Through its keylogger function, Agent Tesla can capture everything the user types. Furthermore, it can steal browser emails and credentials and take screenshots. Finally, it has the ability to remotely issue commands on the infected PC, such as downloading additional payloads or updating existing ones.
