Cybercrime, new wave of the AgentTesla campaign via real company emails

New wave of the AgentTesla campaign via real company emails. The message's .img attachment contains an .exe file: the malware itself. Stolen data is exfiltrated via FTP.

New wave of the global AgentTesla campaign, which uses real company emails. In the past few hours, a message has arrived from a New Zealand company with a Request For Quotation (RFQ) theme.

The .img attachment contains an .exe file: the malware itself. The stolen data is then exfiltrated via FTP.
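As an added example (not part of the original article), a mail-gateway style check for the delivery pattern described above: it finds disk-image attachments and reports whether they carry a Windows PE executable. The function names, the extension list and the sample message are assumptions constructed for illustration.

```python
import struct
from email import message_from_bytes, policy
from email.message import EmailMessage

IMAGE_EXTS = (".img", ".iso")   # disk-image attachment types to inspect (assumed list)
SECTOR = 2048                   # ISO9660 logical sector size

def embedded_pe_offsets(blob: bytes) -> list[int]:
    """Offsets where a DOS 'MZ' header points (via e_lfanew) at a 'PE\\0\\0' signature."""
    hits, pos = [], blob.find(b"MZ")
    while pos != -1:
        if pos + 0x40 <= len(blob):
            (e_lfanew,) = struct.unpack_from("<I", blob, pos + 0x3C)
            if blob[pos + e_lfanew: pos + e_lfanew + 4] == b"PE\0\0":
                hits.append(pos)
        pos = blob.find(b"MZ", pos + 1)
    return hits

def scan_message(raw: bytes) -> list[dict]:
    """Report disk-image attachments and whether they contain a Windows executable."""
    findings = []
    for part in message_from_bytes(raw, policy=policy.default).iter_attachments():
        name = (part.get_filename() or "").lower()
        if not name.endswith(IMAGE_EXTS):
            continue
        data = part.get_content()  # bytes for application/* parts
        findings.append({
            "filename": name,
            # ISO9660 volume descriptor magic sits at sector 16, byte 1
            "iso9660": data[16 * SECTOR + 1: 16 * SECTOR + 6] == b"CD001",
            "pe_offsets": embedded_pe_offsets(data),
        })
    return findings

def build_sample() -> bytes:
    """Constructed test message: inert header bytes only, no runnable code."""
    stub = b"MZ".ljust(0x3C, b"\0") + struct.pack("<I", 0x80)
    stub = stub.ljust(0x80, b"\0") + b"PE\0\0"
    image = bytes(16 * SECTOR) + b"\x01CD001\x01".ljust(SECTOR, b"\0") + stub.ljust(SECTOR, b"\0")
    msg = EmailMessage()
    msg["Subject"] = "RFQ"
    msg["From"], msg["To"] = "sales@example.com", "buyer@example.org"
    msg.set_content("Please see the attached request for quotation.")
    msg.add_attachment(image, maintype="application", subtype="octet-stream", filename="RFQ.img")
    return msg.as_bytes()

if __name__ == "__main__":
    for finding in scan_message(build_sample()):
        print(finding)
```

A non-empty `pe_offsets` on an image attachment is a strong quarantine signal, since business correspondence rarely has a reason to ship executables inside disk images.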

Through its keylogger function, AgentTesla can capture everything the user types. It can also steal email and browser credentials and take screenshots. Finally, it can execute commands issued remotely on the infected PC, such as downloading additional payloads or updating existing ones.