The link in the photo attached to the email points to a URL that downloads the EXE “AWB # Ref45376289558”, which is the malware. The stolen data is exfiltrated via SMTP to an email address.
The email's ACE attachment, which poses as an invoice, contains an EXE: the malware. Stolen data is exfiltrated via the Telegram API, the same as in the last wave.