Agent Tesla Spyware Used in Phishing Campaign

Agent Tesla initially detected in late 2014, is a known spyware aimed at collecting sensitive data from a victim’s device, such as stored application credentials and keyboard inputs (keylogger).

Agent Tesla is a.Net-based information-stealer that has been roaming the internet for many years but continues to pose a hazard in the hands of phishing actors.

Spyware is a type of malware designed to collect and steal the victim’s sensitive information, without the victim’s knowledge. Trojans, adware, and system monitors and are different types of spyware. Spyware monitors and stores the victim’s Internet activity (keystrokes, browser history, etc.) and can also harvest usernames, passwords, financial information, and more. It can also send this confidential data to servers operated by cybercriminals, so it can be used in consequent cyber attacks.

What Happened?

A new form of the Agent Tesla virus has been discovered as part of an ongoing phishing effort that uses Microsoft PowerPoint slides loaded with malicious macro code.

Fortinet analysts note that in the most recent effort, threat actors are purportedly targeting Korean users with emails containing “order” data.

Because the attachment is a PowerPoint file, the odds of convincing the recipients that they need to “enable content” in Microsoft

Read More: