
Cybercrime, new wave of the AgentTesla campaign themed on engineering and machinery companies

New wave of the AgentTesla campaign themed on engineering and machinery companies. The img attachment contains an exe, which is the malware. Stolen data is exfiltrated via the same FTP address linked to previous waves.

The AgentTesla campaign, which uses real emails from engineering and machinery companies in the Middle East, continues.

The img attachment contains an exe file: the malware. The stolen data is then exfiltrated via the same FTP address linked to the previous waves.

AgentTesla, through the keylogger function, is able to acquire everything the user types. Furthermore, it can steal browser emails and credentials and take screenshots. Finally, it has the ability to remotely issue commands on the infected PC, such as downloading additional payloads or updating existing ones.
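
An added example (not from the original article or from any vendor tooling): a mail-gateway style check, in Python, for the delivery pattern described above, where a disk-image attachment carries a Windows executable. The extension list, the function names and the sample e-mail are assumptions constructed for illustration; the embedded stub is an inert header, not malware.

```python
import struct
from email import message_from_bytes, policy
from email.message import EmailMessage

DISK_IMAGE_EXTS = (".img", ".iso")  # assumption: extensions treated as disk images

def find_pe_offsets(data: bytes) -> list[int]:
    """Return offsets where an MZ header points at a valid 'PE\\0\\0' signature."""
    hits, pos = [], data.find(b"MZ")
    while pos != -1:
        if pos + 0x40 <= len(data):
            # e_lfanew (offset 0x3C of the DOS header) locates the PE signature
            (e_lfanew,) = struct.unpack_from("<I", data, pos + 0x3C)
            pe = pos + e_lfanew
            if data[pe:pe + 4] == b"PE\x00\x00":
                hits.append(pos)
        pos = data.find(b"MZ", pos + 1)
    return hits

def flag_img_attachments(raw: bytes) -> list[tuple[str, list[int]]]:
    """List disk-image attachments that carry an embedded Windows executable."""
    msg = message_from_bytes(raw, policy=policy.default)
    flagged = []
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        if name.endswith(DISK_IMAGE_EXTS):
            offsets = find_pe_offsets(part.get_payload(decode=True) or b"")
            if offsets:
                flagged.append((name, offsets))
    return flagged

def build_sample_email() -> bytes:
    """Constructed sample: an inert PE header stub placed inside a fake image."""
    stub = b"MZ" + b"\x00" * 0x3A + struct.pack("<I", 0x40) + b"PE\x00\x00"
    image = b"\x00" * 2048 + stub + b"\x00" * 2048
    msg = EmailMessage()
    msg["From"], msg["To"], msg["Subject"] = "sender@example.com", "rcpt@example.com", "RFQ"
    msg.set_content("Please see the attached quotation.")
    msg.add_attachment(image, maintype="application",
                       subtype="octet-stream", filename="quotation.img")
    msg.add_attachment(b"plain notes", maintype="application",
                       subtype="octet-stream", filename="notes.img")
    return msg.as_bytes()

if __name__ == "__main__":
    print(flag_img_attachments(build_sample_email()))
```

Scanning the raw image bytes avoids mounting the attachment; a match on a mail gateway is a reason to quarantine the message for analysis.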
