Fortinet : Phishing Malware Hijacks Bitcoin Addresses and Delivers New Agent Tesla Variant | #microsoft | #hacking | #cybersecurity


FortiGuard Labs Threat Research Report

Affected platforms: Microsoft Windows
Impacted parties: Windows Users
Impact: Sensitive Information Collection from Victim’s Device
Severity level: Critical

FortiGuard Labs recently captured a fresh phishing campaign in which a Microsoft Excel document attached to a spam email downloaded and executed several pieces of VBscript code. This malware is used to hijack bitcoin address information and deliver a new variant of Agent Tesla onto the victim’s device.

Agent Tesla, first discovered in late 2014, is a known spyware focused on stealing sensitive information from a victim’s device, such as saved application credentials, keyboard inputs (keylogger), etc. We have posted a number of detailed analysis blogs for Agent Tesla campaign captured by FortiGuard Labs over the past several year.

Interestingly, Agent Tesla is a commercial software that is sold online, as shown in Figure 1.1, below.

Disclaimer

Fortinet Inc. published this content on 04 June 2021 and is solely responsible for the information contained therein. Distributed by Public, unedited and unaltered, on 04 June 2021 16:06:06 UTC.



Original Source link

Leave a Reply

Your email address will not be published. Required fields are marked *

ninety eight − 93 =