An old password-stealing malware called Agent Tesla is back and nastier than ever

Andy Meek

June 9, 2021 at 7:11 PM·2 min read

A new version of the remote access Trojan known as Agent Tesla has resurfaced, this time distributing what researchers have found is an updated version of the malware by using an infected email attachment that aims to steal everything from username and password credentials to a victim’s cryptocurrency.

This malware is actually pretty common and has been around since at least 2014. Researchers at Fortinet in a newly published threat research report note that it’s via a Microsoft Excel document attached to a spam email whereby the malware downloads and executes several pieces of code. “This malware,” the researchers explain, “is used to hijack bitcoin address information and deliver a new variant of Agent Tesla onto the victim’s device.” Regarding Agent Tesla, the researchers continue: “Most attackers like to spread malware in phishing emails. As a result, new phishing campaigns are detected every day by FortiGuard Labs. People should be more careful when opening files attached to email.”

Per reporting from ZDNet, the email that’s used as a vector for this attack is crafted to resemble a legitimate business email, with one such sample malicious email as part of this campaign including an Excel attachment titled “Order Requirements and Specs” that the recipient is asked to open. Once they do so, Agent Tesla is downloaded onto the victim’s machine.

Earlier this year, Sophos researchers warned that Agent Tesla is a particularly resilient and pernicious threat. “For many months, it has remained among the top families of malware in malicious attachments caught by Sophos. Because of this sustained stream of Agent Tesla attacks, we believe that the malware will continue to be updated and modified by its developers to evade endpoint and email protection tools.” It was also noted that among the new abilities of this updated Agent Tesla variant is that it can now take data from the Windows clipboard, in addition to the number of applications it can target having been expanded “considerably.”

The protections that are recommended to help keep users safe from threats like these are the same as always and no surprise. Sophos, for example, notes that the email accounts used to spread Agent Tesla tend to be legitimate accounts that have been compromised. For that reason, one should never click open an email thoughtlessly, nor automatically open any attachments those emails contain. “Organizations and individuals should, as always, treat email attachments from unknown senders with caution, and verify attachments before opening them,” Sophos adds.

Related coverage:

Today's Top Deals

See the original version of this article on BGR.com

Yahoo Sports
Former MLB infielder, Little League World Series star Sean Burroughs dies at 43
The seven-year major leaguer collapsed while coaching his son's Little League game on Thursday.
Yahoo Sports
Dolphins owner Stephen Ross reportedly declined $10 billion for team, stadium and F1 race
The value of the Dolphins and Formula One racing is enormous.
Yahoo Sports
The best RBs for 2024 fantasy football, according to our experts
The Yahoo Fantasy football analysts reveal their first running back rankings for the 2024 NFL season.
Yahoo Sports
Juan Soto’s unapologetic intensity and showmanship are captivating the Bronx and rubbing off on teammates: ‘Literally every pitch is theater’
The 2024 Yankees have rediscovered their bravado and hold the second-best record in the AL, thanks in large part to the superstar outfielder.
Yahoo Finance
The FDIC change that leaves wealthy bank depositors with less protection
Affluent Americans may want to double-check how much of their bank deposits are protected by government-backed insurance. The rules governing trust accounts just changed.
Autoblog
Which pickup trucks get the best fuel economy? Here are the tops for gas mileage (or diesel)
Trucks aren't known for being fuel efficient, though times are changing. These are the trucks with the best gas mileage in various segments.
Yahoo Sports
Timberwolves coach Chris Finch calls Jamal Murray's heat-pack toss on court 'inexcusable and dangerous'
Murray made a bad night on the court worse during a moment of frustration on the bench.
Yahoo Sports
Former NBA guard Darius Morris dies at 33
Former NBA guard Darius Morris has died at the age of 33. He played for five teams during his four NBA seasons. Morris played college basketball at Michigan.
Yahoo Sports
Golf’s moment of truth is here, and the sport is badly flailing
Nonexistent negotiations and missed opportunities for reconciliation between the PGA Tour and LIV Golf have the sport stuck in place.
Yahoo Sports
2024 Fantasy Football Mock Draft, 1.0
The Yahoo Fantasy football crew got together for their very first mock draft of 2024. Andy Behrens recaps the results.
Yahoo Finance
Former House Speaker Paul Ryan says he’s not voting for Trump : 'Character is too important'
Ryan says he would be writing in a Republican candidate instead of voting for Donald Trump.
Yahoo Sports
Yahoo Fantasy staff's Mock Draft 1.0: Shocking picks are plentiful
Teams have made their big splashes in free agency and made their draft picks, it's time for you to do the same. It's fantasy football mock draft time. Some call this time of year best ball season, others know it's an opportunity to get a leg up on your competition for when you have to draft in August. The staff at Yahoo Fantasy did their first mock draft of the 2024 season to help you with the latter. Matt Harmon and Andy Behrens are here to break it all down by each round and crush some staff members in the process.
Yahoo Sports
Ranking the best situations for the rookie quarterbacks: Start with Michael Penix in Atlanta at No. 1
It’s key to note that we’re not saying the “best team” or “best roster.” Instead, we’re talking about the best confluence of factors that can outline a path for survival and then success.
Yahoo Sports
Post-draft NFL fantasy power rankings: Offenses we love, like and want to stay away from
With free agency and the draft behind us, what 32 teams look like today will likely be what they look like Week 1 and beyond for the 2024 season. Matt Harmon and Scott Pianowski reveal the post-draft fantasy power rankings. The duo break down the rankings in six tiers: Elite offensive ecosystems, teams on the cusp of being complete mixed bag ecosystems, offensive ecosystems with something to prove, offenses that could go either way, and offenses that are best to stay away from in fantasy.
Yahoo Finance
Mortgage rates drop for the first time in five weeks with experts adjusting their forecasts
The average 30-year fixed mortgage rate edged back toward 7% this week but remains elevated, prompting housing experts to revise their forecasts for the rest of 2024.
Yahoo Sports
Cavaliers flip the script against the Celtics in Game 2, making this series a mystery
For one night, Cleveland's game plan worked to perfection. Do the Cavs have a shot to take down the Celtics?
Yahoo Finance
Recession-proof stocks are leading the market's latest leg higher
The Utilities and Consumer Staples sectors have popped since mid-April as investors search for value.
Yahoo Sports
Cardinals lose C Willson Contreras after left arm fractured by J.D. Martinez's swing
The Cardinals' nightmare season continues.
Yahoo Sports
Blockbuster May trade by Padres, MVP Ohtani has arrived, Willie Mays’ 93rd birthday & weekend recap
Jake Mintz & Jordan Shusterman discuss the Padres-Marlins trade that sent Luis Arraez to San Diego, as well as recap all the action from this weekend in baseball and send birthday wishes to hall-of-famer Willie Mays.
Yahoo Sports
What's wrong with the Denver Nuggets? | Devine Intervention
Dan Devine and Adam Mares discuss the Denver Nuggets and Minnesota Timberwolves after Monday night’s game 2.

News

Life

Entertainment

Finance

Sports

New on Yahoo

An old password-stealing malware called Agent Tesla is back and nastier than ever

Recommended Stories

Former MLB infielder, Little League World Series star Sean Burroughs dies at 43

Dolphins owner Stephen Ross reportedly declined $10 billion for team, stadium and F1 race

The best RBs for 2024 fantasy football, according to our experts

Juan Soto’s unapologetic intensity and showmanship are captivating the Bronx and rubbing off on teammates: ‘Literally every pitch is theater’

The FDIC change that leaves wealthy bank depositors with less protection

Which pickup trucks get the best fuel economy? Here are the tops for gas mileage (or diesel)

Timberwolves coach Chris Finch calls Jamal Murray's heat-pack toss on court 'inexcusable and dangerous'

Former NBA guard Darius Morris dies at 33

Golf’s moment of truth is here, and the sport is badly flailing

2024 Fantasy Football Mock Draft, 1.0

Former House Speaker Paul Ryan says he’s not voting for Trump : 'Character is too important'

Yahoo Fantasy staff's Mock Draft 1.0: Shocking picks are plentiful

Ranking the best situations for the rookie quarterbacks: Start with Michael Penix in Atlanta at No. 1

Post-draft NFL fantasy power rankings: Offenses we love, like and want to stay away from

Mortgage rates drop for the first time in five weeks with experts adjusting their forecasts

Cavaliers flip the script against the Celtics in Game 2, making this series a mystery

Recession-proof stocks are leading the market's latest leg higher

Cardinals lose C Willson Contreras after left arm fractured by J.D. Martinez's swing

Blockbuster May trade by Padres, MVP Ohtani has arrived, Willie Mays’ 93rd birthday & weekend recap

What's wrong with the Denver Nuggets? | Devine Intervention