FortiGuard Labs Threat Research Report
Affected platforms: Microsoft Windows
Impacted parties: Windows Users
Impact: Sensitive Information Collection from Victim’s Device
Severity level: Critical
FortiGuard Labs recently captured a fresh phishing campaign in which a Microsoft Excel document attached to a spam email downloaded and executed several pieces of VBscript code. This malware is used to hijack bitcoin address information and deliver a new variant of Agent Tesla onto the victim’s device.
Agent Tesla, first discovered in late 2014, is a known spyware focused on stealing sensitive information from a victim’s device, such as saved application credentials, keyboard inputs (keylogger), etc. We have posted a number of detailed analysis blogs for Agent Tesla campaign captured by FortiGuard Labs over the past several year.
Interestingly, Agent Tesla is a commercial software that is sold online, as shown in Figure 1.1, below.
Fortinet Inc. published this content on 04 June 2021 and is solely responsible for the information contained therein. Distributed by Public, unedited and unaltered, on 04 June 2021 16:06:06 UTC.