Agent Tesla

The GZ attachment of the email directly contains the malware (an exe file). This steals sensitive information and exfilters it via FTP.

Cybercrime, the new Agent Tesla campaign passes through Taiwan

False company emails contain an ISO or zip attachment. Both hide the same exe that…

Cybercrime, the new Agent Tesla campaign passes through Taiwan

False company emails contain an ISO or zip attachment. Both hide the same exe that initiates the infection of the malware, which communicates with an SMTP server.

Cybercrime, Agent Tesla attacks with a new payment-themed campaign

The two compressed attachments of the mail contain an exe file. Both initiate the malware…

Cybercrime, Agent Tesla attacks with a new payment-themed campaign

The two compressed attachments of the mail contain an exe file. Both initiate the malware infection and communicate with a single SMTP server.

Cybercrime, three malware spread in a single compressed document

They are HawkEye, Matiex and Agent Tesla, hidden in a .7z file. It contains four…

Cybercrime, three malware spread in a single compressed document

They are HawkEye, Matiex and Agent Tesla, hidden in a .7z file. It contains four exe, disguised as pdf. Probably it’s an email attachment on a fake shipping.

Cybercrime, Agent Tesla now could use Telegram to exfiltrate data

Abuse.ch cybersecurity experts: Corporate web proxy operators shoud block outgoing network traffic towards api.telegram .org.…

Cybercrime, Agent Tesla now could use Telegram to exfiltrate data

Abuse.ch cybersecurity experts: Corporate web proxy operators shoud block outgoing network traffic towards api.telegram .org. The malware until now exploited FTP or SMTP.

Cybercrime, Agent Tesla attacks with couriers’ bait

The attachment of an email about a fake shipment, if opened, contacts a link from…

Cybercrime, Agent Tesla attacks with couriers’ bait

The attachment of an email about a fake shipment, if opened, contacts a link from which the malware is downloaded. The data is then exfiltrated via SMTP.

Cybercrime, Agent Tesla is back in Italy via Avion

The email contains a compressed attachment with an executable inside. Launching it installs the malware.…

Cybercrime, Agent Tesla is back in Italy via Avion

The email contains a compressed attachment with an executable inside. Launching it installs the malware. It sends, via SMTP, emails with the stolen data.

Cybercrime, Agent Tesla now “navigate” with vessels

New malspam campaign with a fake invoice by a real maritime ompany. The malware infection…

Cybercrime, Agent Tesla now “navigate” with vessels

New malspam campaign with a fake invoice by a real maritime ompany. The malware infection chain starts from the .doc document attached.

Cybercrime, Agent Tesla is now spread in Italy with curriculum vitae

Fake email from an alleged "professional technical employee" with .ace attachment. Inside there is an…

Cybercrime, Agent Tesla is now spread in Italy with curriculum vitae

Fake email from an alleged "professional technical employee" with .ace attachment. Inside there is an executable with malware. The data is exfiltrated via email.

Cybercrime, Agent Tesla campaign with the “purchase order” lure

New malspam campaign discovered by the cybersecurity expert Mich. The .gz attachment activates the malware…

Cybercrime, Agent Tesla campaign with the “purchase order” lure

New malspam campaign discovered by the cybersecurity expert Mich. The .gz attachment activates the malware infection chain