Cybercrime, new AgentTesla campaign via “RE: Our Bank Transfer” email
The rar attachment contains an exe file: the malware itself. The stolen data is then exfiltrated via smtp.
Cybercrime, the mail “Re: FW: Quotation – Urgent” bait for AgentTesla
The Img attachment contains an exe file disguised as a pdf: the malware itself. Stolen data is exfiltrated via smtp.
Cybercrime, AgentTesla passes via a fake HSBC payment notice
The ace attachment contains an exe file: the malware itself. The stolen data is then exfiltrated via smtp.
Cybercrime, new double AgentTesla global campaign
The rar and r00 attachments of two different emails contain the same exe file: the malware. Stolen data is exfiltrated via smtp.
Cybercrime, “RE: STATEMENT OF ACCOUNT” conveys new AgentTesla campaign
R00 attachment contains an exe file: the malware itself. Stolen data is exfiltrated via smtp.
Cybercrime, three AgentTesla campaigns in one day
Two are generic, but also arrived in Italy. The third is targeted. The compressed files contain an exe: the malware itself. Stolen data is exfiltrated via smtp.
Cybercrime, double AgentTesla campaign via quotation
Two emails convey as many attachments, theoretically different but in reality the same. They are two loaders that download the malware. One works and the other not.
Cybercrime, SnakeKeylogger campaign via “RE:conferma d’ordine XX”
The uue attachment contains an exe: a loader that downloads the malware and runs it by infecting the machine. Data is stolen via smtp and api telegram.
Cybercrime, AgentTesla campaign via DHL shipping
The gz attachment contains an exe file: the malware itself. Stolen data is exfiltrated via smtp from a compromised account to a gmail recipient.
Cybercrime, “Re: Payment Copy” email spreads new AgentTesla campaign
The gz attachment contains an exe file: the malware itself. If opened, the chain of infection is activated. Stolen data is exfiltrated via smtp.