Malware Hunter JAMESWT Technical Analysis
New AgentTesla campaign via couriers. The .gz attachment of a fake DHL email contains an exe file: the malware itself. The data is exfiltrated via FTP.
AgentTesla is back with a new global campaign with a courier theme.
AgentTesla, through the keylogger function, is able to acquire everything the user types. Furthermore, it can steal browser emails and credentials and take screenshots. Finally, it has the ability to remotely issue commands on the infected PC, such as downloading additional payloads or updating existing ones.
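A mail-gateway style check for the delivery pattern described above (a gzip attachment that unpacks to a Windows executable), as an added example that is not part of the original analysis. The function names, the sample message, its addresses and the attachment filename are all constructed for illustration.

```python
import gzip
import io
import struct
import zlib
from email import message_from_bytes, policy
from email.message import EmailMessage

MAX_INFLATE = 64 * 1024  # the header is enough; the cap limits decompression-bomb cost


def is_pe(head: bytes) -> bool:
    """True if the bytes start with an MZ stub whose e_lfanew points at 'PE\\0\\0'."""
    if len(head) < 0x40 or head[:2] != b"MZ":
        return False
    e_lfanew = struct.unpack_from("<I", head, 0x3C)[0]
    return head[e_lfanew:e_lfanew + 4] == b"PE\0\0"


def gz_attachments_with_pe(raw_email: bytes) -> list[str]:
    """Return names of gzip attachments whose decompressed content is a Windows executable."""
    msg = message_from_bytes(raw_email, policy=policy.default)
    hits = []
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""
        if data[:2] != b"\x1f\x8b":  # gzip magic; the file extension is not trusted
            continue
        try:
            with gzip.GzipFile(fileobj=io.BytesIO(data)) as gz:
                head = gz.read(MAX_INFLATE)
        except (OSError, EOFError, zlib.error):
            continue  # corrupt or truncated archive: nothing to classify
        if is_pe(head):
            hits.append(part.get_filename() or "(unnamed)")
    return hits


def build_sample(payload: bytes, filename: str) -> bytes:
    """Constructed test message; addresses, subject and filename are made up."""
    msg = EmailMessage()
    msg["From"], msg["To"] = "courier@example.invalid", "user@example.invalid"
    msg["Subject"] = "Constructed sample: shipment notification"
    msg.set_content("See attachment.")
    msg.add_attachment(gzip.compress(payload), maintype="application",
                       subtype="gzip", filename=filename)
    return msg.as_bytes()


# Constructed, inert header: MZ stub + e_lfanew=0x40 + PE signature, no code.
FAKE_PE = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40) + b"PE\0\0"

if __name__ == "__main__":
    print(gz_attachments_with_pe(build_sample(FAKE_PE, "shipment_docs.gz")))
```

The check keys on content (gzip magic, then the PE header) and ignores declared MIME types and extensions, so a renamed attachment is still caught.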